My Technology Reference

ASP.Net 2.0 – Impersonation and securing Identity elements

Posted in Microsoft .Net by DK on March 5, 2008

An ASP.Net 2.0 application can use impersonation by setting the identity element in web.config.

<identity impersonate="true" userName="YourUserName" password="YourPassword" />

The user you impersonate needs certain privileges to run the ASP.Net application. These can be granted by executing the following command:

aspnet_regiis -ga YourUserName

However, the username and password values should be secured rather than left in web.config. The identity element's values can be secured by storing them in the registry. More information on identity impersonation can be found at http://msdn2.microsoft.com/en-us/library/72wdk8cc(VS.80).aspx or http://support.microsoft.com/kb/329290


Creating registry entry

  • Download the aspnet_setreg.exe zip from http://support.microsoft.com/kb/329290
  • Extract its contents to D:\Tools
  • Start a command prompt and:
    • Run cd D:\Tools
    • Run aspnet_setreg.exe -k:SOFTWARE\CompanyName\ApplicationName\identity -u:"YourUserName" -p:"YourPassword"

Adding access to registry

  • Click Start, click Run, type regedt32 in the Open box, and then click OK.
  • Click the HKEY_LOCAL_MACHINE\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG subkey.
  • On Microsoft Windows XP or on Windows Server 2003, right-click the registry key, and then click Permissions.
  • Click Add. In the dialog box that opens, type yourservername\Network Service (or yourservername\ASPNET when using IIS 5.0), and then click OK.
  • Make sure that the account that you just added has Read permissions, and then click OK.
  • Close Registry Editor.

These encrypted registry entries can then be referenced in the configuration as follows:

<identity impersonate="true" userName="registry:HKLM\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG,userName" password="registry:HKLM\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG,password" />
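
To confirm that a deployed web.config really uses the registry form above rather than clear-text credentials, a check like the following can be run over the file's contents. This is an added example, not part of the original post; the function name audit_identity, the sample configs and the namespace URI in them are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Reference form used on this page: registry:HKLM\<subkey>\ASPNET_SETREG,<valueName>
REG_REF = re.compile(r"^registry:HKLM\\.+\\ASPNET_SETREG,(userName|password)$", re.I)

def audit_identity(web_config_xml):
    """Return findings for each impersonating <identity> element in the config text."""
    findings = []
    for el in ET.fromstring(web_config_xml).iter():
        # Compare the local name so a default xmlns on <configuration> is tolerated.
        if el.tag.rsplit("}", 1)[-1] != "identity":
            continue
        if el.get("impersonate", "false").lower() != "true":
            continue  # impersonation is off, so no stored credentials are used
        for attr in ("userName", "password"):
            value = el.get(attr)
            if value is None:
                continue  # attribute absent: nothing stored for it
            match = REG_REF.match(value)
            if match is None:
                findings.append(f"{attr}: clear-text value in web.config")
            elif match.group(1).lower() != attr.lower():
                findings.append(f"{attr}: points at registry value '{match.group(1)}'")
    return findings

# Constructed sample inputs (not taken from a real system).
CLEAR = r'''<configuration><system.web>
  <identity impersonate="true" userName="YourUserName" password="YourPassword" />
</system.web></configuration>'''

PROTECTED = r'''<configuration xmlns="http://example.invalid/constructed-ns"><system.web>
  <identity impersonate="true"
    userName="registry:HKLM\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG,userName"
    password="registry:HKLM\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG,password" />
</system.web></configuration>'''

MIXED = r'''<configuration><system.web>
  <identity impersonate="true"
    userName="registry:HKLM\SOFTWARE\CompanyName\ApplicationName\identity\ASPNET_SETREG,userName"
    password="YourPassword" />
</system.web></configuration>'''

if __name__ == "__main__":
    for name, cfg in (("CLEAR", CLEAR), ("PROTECTED", PROTECTED), ("MIXED", MIXED)):
        print(name, audit_identity(cfg) or "ok")
```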
