[cvsnt] CVSNT service user and impersonation
rsmandcam at _NO_SPAM_sbcglobal.net
Tue Feb 27 16:49:52 GMT 2007
On Tue, 27 Feb 2007 09:34:12 -0600, Glen Starrett wrote:
> Bo Berglund wrote:
>> So if you put some extra code into the script to create the drive letter
>> mapping in code it might work.
Hi Bo, I would think the UNC would work if there was access rights. I don't
particularly need a drive letter it was just one of the things I was
trying. I'll give it a test to be sure. I think Glen maybe onto the root of
the problem. See below.
> It's been awhile since I looked at the restrictions around
> impersonation, but I believe the impersonated credentials are only valid
> on the local machine -- that is, you can't be impersonated on a server
> then have that server use your credentials to connect to yet another server.
> There are other ways around this though -- you might be able to include
> a username with password in the net use command, for example. I'd
> have to fiddle with it to come up with a solid way, but it can be done.
> FYI, The shadow system is designed for shadow sandboxes on the CVSNT server.
I think you are probably be right about the impersonation limitation. I'll
see if I can confirm it on MSDN.
I would think this is a relatively common desire. I want to automate
pushing changes from the cvs server to another server. How do people
publish web-site files? Certainly, the web server and cvs server are not
the same box. Do they always use a pull methodology instead of push?
I'll check out the NET USE with user credential, although I don't really
like hard-coding the password in the file.
I'm tempted to write a service to use file change notification to watch
over the repository folders and kick off a process when changes are
detected. I was just hoping the built-in support could meet my needs.
More information about the cvsnt