RP
2009-08-05 08:25:01 UTC
Hi,
I have configured a private queue on Windows server 2008 where MSMQ is
configured with Domain mode.
I am trying to send message to this queue from a remote machine.
Both the machines are in same domain.
This works only when I give ANONYMOUS LOGON access to that queue.
But I don't want to give ANONYMOUS LOGON access to the queue due to security
reason. However, Except this none of the other permission seems to work.
I tried giving full access to Everyone, domain User (from which I am sending
the message), Another domain User which I am using to logon to the Windows
2008 which is running MSMQ, SYSTEM Account. Both the domain Users are
administrators on their respective machines.
Actually, whats happening is my client machine - from where I am sending
messages to the remote queue is logged with domain User name and msmq service
is running there with NETWORK SERVICES account.
The Server machine is having the MSMQ Service again running on NETWORK
SERVICES account. I have given rights to my Domain User account which I am
using to login into the client machine. Also, I have given the full rights to
the client Computer on this private queue.
Still the problem is same and I am only able to send message when I give
access to the ANONYMOUS LOGON account.
I have checked the properties of message which are sent successfully. It has
the SID and Source Computer as the GUIDs, which are I guess Active Directory
Unique names for the User ID and Computer Name. The User property of the
message is shown as "\".
Could you please give any clue with all the above description what could be
the issue with?
Thanks,
RP
I have configured a private queue on Windows server 2008 where MSMQ is
configured with Domain mode.
I am trying to send message to this queue from a remote machine.
Both the machines are in same domain.
This works only when I give ANONYMOUS LOGON access to that queue.
But I don't want to give ANONYMOUS LOGON access to the queue due to security
reason. However, Except this none of the other permission seems to work.
I tried giving full access to Everyone, domain User (from which I am sending
the message), Another domain User which I am using to logon to the Windows
2008 which is running MSMQ, SYSTEM Account. Both the domain Users are
administrators on their respective machines.
Actually, whats happening is my client machine - from where I am sending
messages to the remote queue is logged with domain User name and msmq service
is running there with NETWORK SERVICES account.
The Server machine is having the MSMQ Service again running on NETWORK
SERVICES account. I have given rights to my Domain User account which I am
using to login into the client machine. Also, I have given the full rights to
the client Computer on this private queue.
Still the problem is same and I am only able to send message when I give
access to the ANONYMOUS LOGON account.
I have checked the properties of message which are sent successfully. It has
the SID and Source Computer as the GUIDs, which are I guess Active Directory
Unique names for the User ID and Computer Name. The User property of the
message is shown as "\".
Could you please give any clue with all the above description what could be
the issue with?
Thanks,
RP