RE: Permissions Problem
From: sivilian (sivilian_at_discussions.microsoft.com)
Date: 07/03/04
- Next message: M. Zeeshan Mustafa: "Re: bypassing a validation"
- Previous message: Joe Fallon: "Re: How to remain checkBox status when datagrid page changed?"
- In reply to: Brian Cooper: "Permissions Problem"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 3 Jul 2004 14:02:01 -0700
Hi,
ASP.NET by default does not impersonate the logged on user, but rather runs under the local ASPNET account, which is a least privliedged account. In order to have the ASP.NET application impersonate the original caller you must set imperonsation to true, and authorization mode to Windows in your Web.Config. You also have to set Windows Integrated Security in IIS. After this is done, if the logged on use has access to the shared folder, there should be no problem accessing it.
Another thing also, is that you mentioned you are using the File System Object in Classic asp to access the share. If this is the case, then this object does not understand UNC paths within a web application, this may be your problem. Try using another object if possible.
hope this helps,
sivilian
"Brian Cooper" wrote:
> I am trying to determine a permission problem trying to write a text file
> from one web server to another.
>
> Here is the situation:
>
> We have two domains in place one is Active Directory and the other is an old
> NT4 domain. These two domains have a trust between them.
>
> On a 2003 server I am using the file system object to write a text file to a
> NT4 web server. The folder on the NT 4 server currently is shared with open
> security with control for everyone on Domain1 and Domain2. The 2003 server's
> worker process is running under a domain account that has full access to the
> folder.
>
> I am able to map a drive to the share from the 2003 box to the NT4 box while
> logged in with an admin account of the 2003 box. I am also able to run a
> ..vbs script on the 2003 box that is able to place a text file on the NT4
> box. Of course, I do believe that script runs and creates the file system
> object as the logged in user of the 2003 box.
>
> Now to the non-working part. On my asp.net and classic asp page I am unable
> to write a text file from the 2003 box to the NT4 box at all. The virtual
> server(s) that are serving the pages have anon security turned on and use
> the IUSR_MachineName account. Since I have every permission imaginable added
> to the folder on the NT4 box for both domains at full control. My theory is
> that possibly the IUSR account is the account that is actually creating the
> object and trying to place the text file. I only theorize this because I can
> not place the text file and that account seems to be the only one w/o
> permissions to that folder since it is a local machine account and not a
> domain account.
>
> So my real question here is if my theory is right and/or what exactly is
> going on here. After spending much too long on this problem and feeling like
> a noob I am at a loss as to what to try next. Any suggestion would be
> greatly appreciated.
>
> Thank you)
>
>
>
- Next message: M. Zeeshan Mustafa: "Re: bypassing a validation"
- Previous message: Joe Fallon: "Re: How to remain checkBox status when datagrid page changed?"
- In reply to: Brian Cooper: "Permissions Problem"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
