Hi all,
I've been working with a ASP.NET and a VB component that uses the
thread-level impersonation token. Eventually figured out that setting
aspcompat=true in the top of the page allows VB to grab it.
Setting aspcomat=true seems to break my query with System.Management. A
local administrator can no longer do the following:
ManagementScope scope = new ManagementScope("root\\cimv2");
RelatedObjectQuery relatedQuery = new RelatedObjectQuery("associators of
{win32_Group.Domain='" + Environment.MachineName +
"',Name='Administrators'} WHERE AssocClass=Win32_GroupUser");
ManagementObjectSearcher searcher = new
ManagementObjectSearcher(scope,relatedQuery);
Access denied is returned on the call to searcher.Get().
Incidentally, this query returns the list of users in a group (in this
case the local Administrators group) - something that is very useful and
I found rather tricky to figure out. WMI is a strange beast. Willy -
thanks for all of your posts and samples on the subject. Your work has
really helped out.
The documentation says setting aspcompat to true will result in
performance degradation... but it doesn't mention that some .NET classes
will stop functioning. Again, a security problem.
Any thoughts on why this might be? Would there by side-effects with
other .NET classes?
Jeff
You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
subscribe to other DevelopMentor lists at http://discuss.develop.com.
