tags:

views:

204

answers:

2

I have an Azman store in AD, but cannot access it from our ASP.NET web server. I'm assuming that I need to grant the ASP.NET Network Service permission to the Azman store (using the Azman config tool), but cannot find the account for the ASP.NET server in AD.

Should I use the Network Service account or reconfigure ASP.NET to impersonate a network account that I can locate in AD?

+2  A: 

NETWORK SERVICE is predefined local account. For that reason you won't be able to find it in AD.

http://msdn.microsoft.com/en-us/library/ms684272%28VS.85%29.aspx

If you need to connect to external resources you need to run your web application under a domain account and setup permissions accordingly.

DmitryK
+1  A: 

Create a domain account for your ASP.NET service. Be sure to limit its priviliges, as it is a vulnerable account. Do not use the account for anything else. Assign it as the identity for the web site's application pool.

Tor Haugen