Impersonation, Active Directory, and "user does not have authority to xxxx" issues
<p>I have 2 ASP.NET MVC 3 applications. I am using impersonation via the web.config to allow me to query Active Directory to get details on the user. The application uses Windows authentication and does not allow anonymous users. One application is the primary application where the user performs their tasks. The other allows the user to set up other users to look like them in application one.</p>
<p>The test users are getting the following error:</p>
<pre><code>SQL1092N "&lt;DOMAIN ID&gt;" does not have the authority to perform the requested command. </code></pre>
<p>This happens after I send a web request from my primary application to the secondary one. To get that working I had to make the request impersonate the actual user and not the identity the application uses for impersonation. This is actually an SO question I posted and had answered. That's here: <a href="https://stackoverflow.com/questions/13771992/how-do-i-call-an-mvc-action-via-a-webrequest-and-validate-the-request-through-ac">How do I call an MVC Action via a WebRequest and validate the request through Active Directory?</a></p>
<p>At the end of that code, I call:</p>
<pre><code>impersonationContext.Undo(); </code></pre>
<p>It is after this web request takes place that the primary application tries accessing the database, and now it seems that the above call has undone the impersonation of the application, so the user's attempt to do anything that opens a database connection fails. At least, that's my working theory after a day of head bashing.</p>
<p>My question is, how can I get the impersonation of the application to revert back to the user in the web.config? Or, when making my web request, is there a way to ensure the impersonation context only applies to that request?</p>
<p>The whole point of all of this is that the second application has its own SQL Server database. The primary application uses DB2. I would like to write the database access code once, but use it in both applications. Currently that's what I've done, but my method of relying on the web request to get the data may not be the best approach.</p>
<p>I'm open to any thoughts, comments, suggestions, and/or criticism. How should I go about handling this?</p>
 
