ASP.NET programs that use Impersonation may not function properly on a Win 2K SP4 Server – Domain Controller

Service Pack 4 (SP4) on a Windows 2000 domain controller does not grant the IWAM account name SeImpersonatePrivilege; programs that use impersonation may not function properly.
Solution:

Click on the following from Control Panel on the Win 2K SP4 Server – Domain Controller

Administrative Tools -> Domain Controller Security Policy -> Security Settings -> Local Policies -> User Rights Assignment

“Impersonate a Client after Authentication”

Click Add (button) -> Browse (button)
In the Select Users or Groups dialog, select the IWAM account name and click Add.
To apply the policy type the following at a CMD.EXE prompt:
secedit /refreshpolicy machine_policy /enforceIn the CMD.EXE prompt, re-start IIS by typing iisreset

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: