I found something interesting on one of our test boxes today. Our generic web listener uses a web.config file to impersonate a user with enough security access to perform basic file i/o as well as some database stuff. This impersonation command is pretty simple. Here's our web.config below...
<configuration>
<system.web>
<authentication mode="Windows"/>
<identity impersonate="true" userName=".\SomeUser" password="SomePassword" />
</system.web>
</configuration>
Note how we use .\ to indicate what I thought was the current domain... it's not!
Turns out that .\ refers to the current computer... and if you're running on a domain controller it's no big deal - the domain controller is the current computer. However, on the 1% of servers we manager where our box is not the domain controller we need to manually add an extra user account to the local machine for this account. As long as this account has sufficient security our lister works like normal!
And it's amazing that there's no documentation on this .\ component anywhere on the web!