We just attempted to deploy a new .net 4 web application with the beta managed provider. When attempting to open a new connection, we hit this exception:
The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.
Is there an app pool setting in IIS that we need to change to get this to work? Locally it works fine, so I'm assuming it's some type of permissions issue.
No, we're not using impersonation. If it helps though, locally my app pool in IIS is set to Identity = ApplicationPoolIdentity, while on our test/prod servers Identity = Custom Account (so a specific account for each app pool).
Are you able to verify if "Load User Profile" is set to true or false for the identities that are not working?
If needed, you can find the value by doing the following within IIS Manager:
- Select Application Pools from the tree under the server name
- Under the listed Application Pools right-click the pool of interest and select Advanced Settings... from the context menu
- Scroll down to the Process Model section and verify the value for "Load User Profile"
I believe you can encounter this situation if "Load User Profile" is set to "false".
As ever, any additions, corrections, clarifications, etc. are welcome.
We believe we have developed a fix such that you wouldn't need to change your "Load User Profile" for managed ODP.NET to work. Can you send an email to dotnet_us(at)oracle.com? I will email you back with a test drop of the software. You would then be able to verify whether managed ODP.NET would work with your original configuration.
We believe this issue will be fixed in the next ODP.NET, Managed Driver beta release (Beta 2) such that you won't need to modify your "Load User Profile". If anyone does hit this problem with the upcoming Beta 2, please post to this forum thread and/or email the dotnet_us email alias.