[cvsnt] CVSNT service user and impersonation

Rick Martin rsmandcam at _NO_SPAM_sbcglobal.net
Tue Feb 27 16:49:52 GMT 2007


On Tue, 27 Feb 2007 09:34:12 -0600, Glen Starrett wrote:

> Bo Berglund wrote:
>> So if you put some extra code into the script to create the drive letter
>> mapping in code it might work.
> 

Hi Bo, I would think the UNC would work if there was access rights. I don't
particularly need a drive letter it was just one of the things I was
trying. I'll give it a test to be sure. I think Glen maybe onto the root of
the problem. See below.

> It's been awhile since I looked at the restrictions around 
> impersonation, but I believe the impersonated credentials are only valid 
> on the local machine -- that is, you can't be impersonated on a server 
> then have that server use your credentials to connect to yet another server.
> 
> There are other ways around this though -- you might be able to include 
>   a username with password in the net use command, for example.  I'd 
> have to fiddle with it to come up with a solid way, but it can be done.
> 
> FYI, The shadow system is designed for shadow sandboxes on the CVSNT server.
> 
Hi Glen,
I think you are probably be right about the impersonation limitation. I'll
see if I can confirm it on MSDN.

I would think this is a relatively common desire. I want to automate
pushing changes from the cvs server to another server. How do people
publish web-site files? Certainly, the web server and cvs server are not
the same box. Do they always use a pull methodology instead of push?

I'll check out the NET USE with user credential, although I don't really
like hard-coding the password in the file. 
I'm tempted to write a service to use file change notification to watch
over the repository folders and kick off a process when changes are
detected. I was just hoping the built-in support could meet my needs.

Thanks,
Rick


More information about the cvsnt mailing list