A bad day in sharepoint land

I ran into the worst of all Sharepoint problems – impersonation and permissions.


When using the regular WSS UI, login as John Doe Contributor. John Doe can check in and check out files, etc. Looking at SQL Profiler, you can see all of this is being done as the apppool account (NT Authority/Network Services) which has all of the necessary permissions.

Cut to a custom application which uses Windows Authentication and impersonation. Even in the same site, John Doe Contributor no longer has the right access permissions. Logging in with an admin account, all works fine.

I have been at this since yesterday. Now I am dangerously close to my deployment date (and of course a few new wrenches – including a biggie – have been thrown into my week). I have been reading blogs and articles galore and have gone down many paths.

Pros & Cons:

Web Services: This will most likely get me my Network Services account access. They are easy to write, but a little bit of a PIA to implement for Sharepoint.

Stored Procedures: most were okay to work with but checking in a file is a bear!

Mucking with Impersonation: dll hell, anyone?


  Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!  

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.