I have an ASP.NET application that makes a WMI call on a remote system. The Web.config application contains <impersonate = "true"> and <authentication mode = "Windows"> which, as I understand it, must force the application code to be executed on behalf of the application user.
The problem is that I get the "Access Denied" error message, even though I can successfully execute the WMI request from the PowerShell console on the same host under the same user to the remote server.
ManagementScope scope = new ManagementScope();
scope.Path.NamespacePath = "root\\virtualization";
scope.Path.Server = "vs01";
scope.Connect();
# this works just fine
Get-WmiObject -Namespace 'root\virtualization' -Class Msvm_ComputerSystem -ComputerName vs01
Dumping HttpContext.Current.User.Identity.Name, System.Security.Principal.WindowsIdentity.GetCurrent (). The name, System.Threading.Thread.CurrentPrincipal.Identity.Name properties, indicates that the impersonation is working as expected.
Ideas? Could the problem be some kind of .NET or IIS protection?
source
share