1

I need to figure out what account is being impersonated when I'm getting an access denied error running code under SharePoint 2010.

I inherited this project with almost no overlap in resources and not enough base knowledge to ask the right questions.

There is an aspx page deployed as part of a SharePoint solution that is attempting to create a directory on a file share, but cannot do so, with an exception caught that indicates access is denied. The method throwing the exception is run via a call to SPSecurity.RunWithElevatedPrivileges(MethodName); Running the following code just before the creation attempt and printing the UserName variable to a log indicates a service account that should have full control of the share

SecurityIdentifier user = System.Security.Principal.WindowsIdentity.GetCurrent().User;
String UserName = user.Translate(typeof(System.Security.Principal.NTAccount)).Value;

I need to know how to find the name of the account attempting the creation, and ideally, where to change it - I welcome all ideas! Thanks!

Code Jockey
  • 6,611
  • 6
  • 33
  • 45
  • I don't think it matters that you are running SharePoint. Possible duplicate: http://stackoverflow.com/questions/7613468/getting-the-current-username-when-impersonated – P.Brian.Mackey Apr 09 '13 at 20:10

2 Answers2

1

SPSecurity.RunWithElevatedPrivileges runs under the application pool account, check the identity of the application pool for your SharePoint site.

JourneyThroughCode
  • 419
  • 3
  • 4
1

JourneyThroughCode is correct. You have to go to IIS and click "Application Pools", click the application pool your SharePoint web application is using and then on the right side click "Advanced Settings" and you will see the Identity. Careful with changing the password of this account because you will then have to go into Central Admin and change the password under "Managed Accounts" for central admin to use this Identity.

Ryan Sessions
  • 171
  • 2