Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Impersonation opinions

  Asked By: Evelyn    Date: Apr 08    Category: Sharepoint    Views: 838

I would like opinions from anyone that has one about the pros and/or cons of using registry impersonation versus WIC. I've inherited a few Web parts that use the registry impersonation method, giving another point of maintenance (my biggest concern).

Interested in methods used by you all.



3 Answers Found

Answer #1    Answered By: Ana Payne     Answered On: Apr 08

The ideal way for most companies to due impersonation/delegation is
through Windows Integrated Security and Kerberos. This method  is a
much better approach for the long run, but does have some setbacks.
First, it requires more setup by a Domain Admin (creating Service
Principal Names, allowing constrained delegation (W2K3 Domain) or
wide open delegation (W2k Domain). Also, if users access from a non-
domain pc, you will need to setup Kerberos Protocol Transition (only
available in a W2k3 Native domain). The pros  are that once Kerberos
is setup, there is not a lot of additional maintenance.
Impersonation happens. Also, moving forward Kerberos is becoming the
preferred method of Security and Delegation in the SharePoint world.

Answer #2    Answered By: Christop Mcfadden     Answered On: Apr 08

I wrote an article for SharePoint Advisor magazine some time back about how to do credential-less impersonation  in SharePoint 2003 by becoming the app pool account. Email me directly if you want more details.

I also did a follow-up post on my blog describing how to become the
system account with even less code.

Answer #3    Answered By: Lacey Daniels     Answered On: Apr 08

I would like info on this.

I am newbie as far as Programming sharepoint goes.

Didn't find what you were looking for? Find more on Impersonation opinions Or get search suggestion and latest updates.