Some Details
- I am working with VisualWebGUI, so this app is like ASP.NET, and it is deployed on IIS 7 (for testing)
- For my 'Web Site', Anonymous Authentication is set to a specific user (DomainName\DomainUser). In my web.config, I have impersonation on. This is how I got my app to access the share in the first place.
The Problem
There is a point in the the app where we use the Thread class, something similar to:
Thread myThread = new Thread(new ThreadStart(objInstance.PublicMethod));
myThread.Start();
What I have noticed is that I can write to my logs (text file on the share), everywhere throughout my code, except in the thread that I kicked off. I added some debugging output and what I see for users is:
- The thread that's kicked off: NT AUTHORITY\NETWORK SERVICE
- Everywhere else in my code: DomainName\DomainUser (described in my IIS setup)
OK, for some reason the thread gets a different user (NETWORK SERVICE). Fine. But, my share (and the actual log file) was given 'Full Control' to the NETWORK SERVICE user (this share resides on a different server than the one that my app is running).
If NETWORK SERVICE has rights to this folder, why do I get access denied? Or is there a way to have the thread I kick off have the same user as the process?