Setting up Delegation in a Domain Controlled Environment – XpressDox

Setting up Delegation is necessary in a Windows Authentication environment, when the File server is not the Application server.


  • Enable Windows Authentication and Impersonation




  • In the Configuration Editor, take note of the following settings:



  • In the site’s Application Pool, go to Advanced Settings and set the Identity to ApplicationPoolIdentity.




In SharedSettings:

  • In the SharedSettings file, located in the WinAuth install folder, add the UNC path to the available locations




Access rights:

  • Grant users or user groups in the Active Directory access levels; either full access rights or read only. This should be done on the File Server where the UNC share was created.




On the Domain Controller:

  • Set the correct delegation setting for the IIS server on which XpressDox is run



Testing Kerberos Authentication:

  • Open your XpressDox URL as below, and check for the following two properties:
  • <yourXpressDoxURL>\authtestpage