English

Error: Page_error: Unable to impersonate specified user

Error Message

Under certain conditions, the ArcGIS .Net ADF impersonation control does not work correctly. The following error occurs while accessing an ArcGIS Server object with a VB.Net application that includes the impersonation control:

"Page_error: Unable to impersonate specified user"

For C# applications, the impersonation control results in a slightly different error message:

"Exception of type System.Web.HttpUnhandledException was thrown."

Cause

Microsoft .Net Framework impersonation does not have the necessary permissions on the operating system to function correctly.

This is a known issue with the .Net Framework. See Related Information for more details.

Solution or Workaround

There are two ways to address this issue. Both involve changing permissions to accommodate the use of impersonation within the .Net Framework. This is done either through the .Net Framework itself, or through the Operating System.

Either of these will alleviate the error. Consult with your system administrator to decide which solution is best.

  • Modify the machine.config file to change the account in which the Aspnet_wp.exe process runs.

    1. Open Windows Explorer and navigate to winnt >Microsoft .NET > Framework > v1.1.4322 > CONFIG and open the machine.config file in a text editor.

    2. Find the <processModel> section of this file and locate the active element below the comments. The comments explain the different attributes for the processModel element.

    3. Locate the user attribute in this element and change the attributes value from 'machine' to 'SYSTEM'.

    4. Change the password if necessary. When the SYSTEM attribute is specified the password can be left as 'autogenerate'.

    5. Save the file and reboot the machine.

    Note:
    It may also be necessary to make these changes on machines on which the application is deployed.


  • Grant the ASPNET user account the 'Act as part of the operating system' privilege.

    1. Open the Control Panel on the Server Object Manager machine and navigate to Administrative Tools > Local Security Policy > Local Policies > User Rights Assignment.

    2. Double-click on 'Act as part of the Operating System' to open the Local Security Setting dialog box.

    3. Click Add User or Group and add the ASPNET user account.

    4. Ensure the 'Local Policy Setting' box is checked.

    5. Click OK.

Related Information