I messed up the names. You go C->A->B. Therefore, machine A should be using SecurityDelegation to correctly propagate requests from
its clients to B.
Bruno Sartirana
Apogeo, Inc.
http://www.apogeo.com
-----Original Message-----
From: Bruno Sartirana [mailto:xxxxx@apogeo.com]
Sent: Friday, January 28, 2005 17:34
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] STATUS_REPARSE and Access Denied
Shangwu,
You have an impersonation-level problem going from SRV on machine B to SRV on machine C. SRV on B sets the ImpersonationLevel in the
create thread’s security impersonation token to SecurityImpersonation, which is insufficient for going across the network to machine
C. You need the SRV on B to set ImpersonationLevel to SecurtityDelegation.
This article explains how you accomplish that:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod19.asp
Bruno Sartirana
Apogeo, Inc.
http://www.apogeo.com
-----Original Message-----
From: Shangwu [mailto:xxxxx@cox.net]
Sent: Friday, January 28, 2005 16:16
To: Windows File Systems Devs Interest List
Subject: [ntfsd] STATUS_REPARSE and Access Denied
Hello,
Please help me for this problem.
Our filter driver was implemented to redirect open file requests to another
location based on the reparse point mechanism.
Here is the scenario to reproduce the problem symptom.
There is a file - c:\shareA\file1.txt on machineA that runs Windows XP.
Move the file - c:\shareA\file1.txt from machine A to
\machineB\shareB\file1.txt and create a reparse point as
c:\shareA\file1.txt on machine A.
The reparse point points to the file \machineB\shareB\file1.txt on machine
B that is another Windows XP machine.
Then map the directory shareA of machine A on a third machine C.
If I open the file \machineA\shareA\file1.txt from the machine C, an error
message - “Access Denied” is popped up on C.
My account is a member of domain administrator.
I can open the file c:\shareA\file1.txt that is a reparse point from machine
A, which actually opens the file on machine B by reparsing, without any
problem.
I don’t know what’s causing this “Access Denied” problem.
Your response is very important.
Thank you very much,
Shangwu
Questions? First check the IFS FAQ at https://www.osronline.com/article.cfm?id=17
You are currently subscribed to ntfsd as: xxxxx@apogeo.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Questions? First check the IFS FAQ at https://www.osronline.com/article.cfm?id=17
You are currently subscribed to ntfsd as: xxxxx@apogeo.com
To unsubscribe send a blank email to xxxxx@lists.osr.com