Impersonation

As discussed in the "Authentication" section, a client is logged on to the Web or FTP service with either an anonymous or a nonanonymous user account. After the client logs on, Internet Information Services accesses all files and applications in the security context of that local user account—that is, the user it considers physically logged on the server. This functionality is called impersonation and allows the administrator to control access based on this account. However, in addition to being used with local resources, these credentials can be delegated to another server when it is accessed by the same user session. The rest of this chapter explores the concept of delegating credentials from Internet Information Services.

Get Internet Information Services Administration now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.