Microsoft KB Archive/831218

= How to assign impersonation user rights for MCMS 2002 when MCMS and the .NET Framework 1.1 are installed on a domain controller =

Article ID: 831218

Article Last Modified on 2/22/2007

-

APPLIES TO


 * Microsoft Content Management Server 2002

-



SUMMARY
This article describes how to assign impersonation user rights when Microsoft Content Management Server (MCMS) 2002 is installed on a computer with the Microsoft .NET Framework version 1.1, when MCMS is installed on a domain controller, or when MCMS is installed on a domain controller that also has the .NET Framework version 1.1 installed.



MORE INFORMATION
To assign impersonation user rights, follow these steps:
 * 1) Click Start, click Control Panel, double-click Administrative Tools, and then double-click Local Security Policy.
 * 2) In the Local Security Settings window, expand Local Policies, and then click User Rights Assignment.
 * 3) In the right pane, right-click Impersonate a client after authentication, and then click Properties.
 * 4) In the Properties dialog box, click Add User or Group.
 * 5) In the Select Users, Computers, or Groups dialog box, add the appropriate user or group, and then click OK.
 * 6) In the Properties dialog box, click OK.

Microsoft ASP.NET and domain controllers
In the .NET Framework version 1.0, problems may occur when the ASPNET local user account is promoted to a domain user account and the server is promoted to a domain controller. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

824308 BUG: IWAM account is not granted the impersonate privilege for ASP.NET

In the .NET Framework version 1.1, the ASPNET worker process runs under the IWAM_ account instead of under the ASPNET local user account.

ASP.NET and Windows 2000 Service Pack 4
When you apply Microsoft Windows 2000 Service Pack 4 (SP4) on your Microsoft Windows 2000 server computers, the SetImpersonatePrivilege security user right is added to the server's Local Security Policies snap-in. If your ASP.NET process is configured with Impersonation set to True, you must manually add your ASP.NET user to this new security user right.

You may also receive an MCMS site deployment error message. The error message that you receive is a COM exception error message with the error number of 80041b58. The error message originates from the CmsAuthorizationModule class. The CmsAuthorizationModule class permits ASP.NET applications to use MCMS authentication and authorization.

MCMS 2002 SP1
When you apply MCMS 2002 Service Pack 1 (SP1), MCMS 2002 is compatible with the .NET Framework 1.1, with Microsoft Windows Server 2003, and with Windows 2000 SP4. To resolve the issues that occur when the new security user right is added to the operating system, follow the steps that are described in the &quot;Adding impersonation privileges to ASPNET user&quot; section of the MCMS 2002 SP1 Readme file. To view the Readme file, visit the following Microsoft Web site:

In Windows Server 2003 and Windows 2000 SP4, the account that the ASP.NET process runs under must have impersonation user rights. By default, this account is the local ASPNET user; however, if this account does not have impersonation user rights, you must manually assign impersonation user rights to the appropriate account.

