Hi all,

i am using the NetworkService account together with .Net Remoting to
impersonate as computer against remote server.

My remoting objects are hosted by IIS which is properly impersonating the
platform.

This works fine for XP and Vista.


Now i want to do the same for W2k, but on W2k the NetworkService account is
not available.

If i use the System account, IIS is not able to impersonate me even when i
activated Kerberos. It always returns 401.2.

But the documentation says the System account should also be able to
impersonate as computer like the NetWorkService account.
But it doesn't work.

The MSDN Remoting Forum guys were not able to help me and told me to "follow
up with the Authentication team".

Any help is apreciated.



Regards,



Frank

Hi,

i have now some more information about what might be the problem.
I thought it was a general problem with LocalSystem account, but now it
seems to be a CAO problem:

The remoting architecture is the following:

I have a SAO Factory which i instantiate with Activator.GetObject (with help
of RemotingHelper from Ingo).

Then i call Factory.CreateInstance which returns me a CAO object i want to
use.
Until here it works fine with System account and impersonation at IIS.
But when i call any method of the CAO, it fails with 401.2.

But this works when i do the same with the NetworkService account.
And the behaviour is the same on different OS (i tested W2k and W2k3).

Any help ?


"FrankSt" wrote: