How do I configure my Namespace and Queue to allow access to listen/send by the local machine account?
I have a web application that runs under NetworkService that needs to be able to write to the queue and then I have another windows service that also runs under NetworkService on a different machine that I would like to pull off of the queue.
I thought that the following code would give permissions, but I have not been able to get it to work.
var nsmgr = NamespaceManager.CreateFromConnectionString(connectionString);
if (!nsmgr.QueueExists(queue))
nsmgr.CreateQueue(queue);
QueueDescription qDes = nsmgr.GetQueue(queue);
qDes.Authorization.Clear();
qDes.Authorization.Add(new AllowRule("ElasticSearch", "nameidentifier", "machine_account$@dns_domain", new[] { AccessRights.Listen }));
qDes.Authorization.Add(new AllowRule("ElasticSearch", "nameidentifier", "NT AUTHORITY\\NetworkService", new[] { AccessRights.List }));
nsmgr.UpdateQueue(qDes);