Re: Unspecified error - Permissions
- From: "Juan T. Llibre" <nomailreplies@xxxxxxxxxxx>
- Date: Fri, 13 Jul 2007 17:53:44 -0400
re:
!> I changed the web.config file to "false", but I had run the Identity.aspx BEFORE I changed it.
!> Now it *does* say SANDRAST\ASPNET when I run the Identity.aspx.
Good. That's a step in the right direction.
re:
!> But my problem now is that SANDRAST\ASPNET does NOT appear among the user
!> names on the Security tab of Properties of the folder. There are several
!> others, but none with ASPNET.
Make sure you do *not* have "simple file sharing" selected for the directory.
That's the default for XP...and prevents assigning permissions.
1. Open Windows Explorer;
2. Tools -> Folder Options -> View tab;
3. Uncheck User simple file sharing (Recommended) box.
After that, you should be able to just write in the ASPNET account name, or search for it.
Also, did you run :
aspnet_regiis -GA SANDRAST\ASPNET
?
That will grant all the permissions needed for the whole wwwroot directory tree,
if you're running NTFS on your boot drive, to the SANDRAST\ASPNET account.
Again, you need to be running NTFS for any of this to work. Are you ?
re:
!> You recommended that for my *Remote Host Server*.
Yes.
re:
!> The problem I have now is with my local computer.
!> I'm running iis for *testing purposes* before I download it to my host server.
And, presumably, that means that you can live with two different database locations in both boxes ?
Wouldn't it be better for you to standardize the folder where the database resides?
Even if there's no security implications for you in your local computer,
doing that will save you a lot of reconfiguration when you upload to the server.
re:
!> Would anybody have access to that folder besides me, since it's not on the internet?
See above...
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"dancer" <dancer@xxxxxxxxxxxxx> wrote in message news:OZk%23kyYxHHA.4264@xxxxxxxxxxxxxxxxxxxxxxx
1. RE: "didn't we go over this problem with you a few days ago ?"
No, you helped with a somewhat different problem on my *Remote Host Server* And you helped me well. That
problem is SOLVED.
This is a problem on my Local Computer for testing purposes.
2. RE: "The default account for ASP.NET on Windows XP is ASPNET.> In your case, it would be SANDRAST\ASPNET
If the account ASP.NET is running as is SANDRAST\IUSR_SANDRAST, then you must be impersonating the ASP.NET account,
and you have> <identity impersonate="true" />...in you web.config."
I changed the web.config file to "false", but I had run the Identity.aspx BEFORE I changed it. Now it *does* say
SANDRAST\ASPNET when I run the Identity.aspx.
But my problem now is that SANDRAST\ASPNET does NOT appear among the user names on the Security tab of Properties of
the folder. There are several others, but none with ASPNET.
3. RE: " Btw, I had also recommended to you that you create an App_Data directory under wwwroot, so that your
database's security isn't compromised."
You recommended that for my *Remote Host Server*. The problem I have now is with my local computer. I'm running iis
for *testing purposes* before I download it to my host server. Would anybody have access to that folder besides me,
since it's not on the internet?
Thank you. You always have a great insight into my problems! I'm betting you can solve this one too.
"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> wrote in message news:O6qG0FYxHHA.5028@xxxxxxxxxxxxxxxxxxxxxxx
dancer,
didn't we go over this problem with you a few days ago ?
You are running on Windows XP, right ?
The default account for ASP.NET on Windows XP is ASPNET.
In your case, it would be SANDRAST\ASPNET
If the account ASP.NET is running as is SANDRAST\IUSR_SANDRAST,
then you must be impersonating the ASP.NET account, and you have
<identity impersonate="true" />
...in you web.config.
Get rid of that, or change it to :
<identity impersonate="false" />
...and run identity.aspx again.
NOW, the account returned should be SANDRAST\ASPNET or, simply ASPNET.
THEN, give the ASPNET account permission to the directory where acc.web is located.
Btw, I had also recommended to you that you create an App_Data directory
under wwwroot, so that your database's security isn't compromised.
Nobody can download your Access database from the App_Data directory.
On the other hand, it would be very easy to download it from the wwwroot directory.
So, create the App_Data directory under wwwroot, do what I say above,
and give the ASPNET account read/write/change permissions to the App_Data directory.
If, for some strange reason, you *still have the IUSR account listed as the
ASP.NET account after you do all that, then open a command window to :
Drive:\WINDOWS\Microsoft.NET\Framework\v2.0.50727
...and issue the following command:
aspnet_regiis -GA SANDRAST\ASPNET
That will reinstate SANDRAST\ASPNET as the default ASP.NET account.
Now, make sure that you have <identity impersonate="false" />
in the web.config...and make sure that acc.mdb is in the App_Data directory,
and make sure that SANDRAST\ASPNET has read/change/write permissions
to the App_Data directory and to all the files in it.
None of this will work, however, if you are not running NTFS as your file system.
If you are not, postback and I'll tell you how to convert your file system to NTFS.
Otherwise, just doing what I've outlined will fix your problem.
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"dancer" <dancer@xxxxxxxxxxxxx> wrote in message news:eQWol6XxHHA.3756@xxxxxxxxxxxxxxxxxxxxxxx
Thank you, Juan, for answering.
I changed back the config file. I ran your code. The results were "ASP.NET is running as the account:
SANDRAST\IUSR_SANDRAST."
This is the same account I gave full control before, except it is listed as Internet Guest
Account(SANDRAST\IUSR_SANDRAST)
I checked to see if it still has full control.
Now I get the former error, "Operation must use an updateable query."
The folder I gave permissions to was "wwwroot". (where my file is located)
The folder over it, "InetPub" does not have that account listed in the group of accounts. Should I try to get that
account there too?
"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> wrote in message news:%23ivFZjXxHHA.4248@xxxxxxxxxxxxxxxxxxxxxxx
dancer,
Save the following code as "identity.aspx" and run it.
identity.aspx:
-------------------
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = "ASP.NET is running as the account : " & tmp
End Sub
</script>
<html>
<head>
<title>What account is ASP.NET running as ?</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
------------
Running that script will tell you the account ASP.NET is running as.
Giving that account permission to access/modify C:\Inetpub\wwwroot\Acc.mdb
should eliminate the problem you're having.
You do not have to impersonate, unless you are accessing a file on a network share so,
if you don't need to do that, eliminate the "impersonate" entry in web.config, and just
give access permission to whichever account identity.aspx returns.
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"dancer" <dancer@xxxxxxxxxxxxx> wrote in message news:OfRd5IXxHHA.4500@xxxxxxxxxxxxxxxxxxxxxxx
I went to your recommended site, and this is what I found.
"By default, the Aspnet_wp.exe process runs under a computer account named ASPNET. However, this account does not
have the required privileges to impersonate a specific user. You receive an error message if you try to
impersonate a specific user. This information applies only to the .NET Framework 1.0. This privilege is not
required for the .NET Framework 1.1."
I am using 1.1 not 1.0. This language seems to say I shouldn't have to change the identity impersonate, etc. or
am I misunderstanding?
Thank you.
"nahid" <nahidupa@xxxxxxxxx> wrote in message news:1184336908.985639.296270@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Jul 13, 8:14 pm, "dancer" <dan...@xxxxxxxxxxxxx> wrote:
The previous reply was nothing - only a slip of my finger.
RE: also set a valid user and password
<identity impersonate="true" userName="xx" password="xx"/>
Then how would I use the user name and password? Would there be code in my
application that would apply the user name and password?
If so, how?
Thanks
"nahid" <nahid...@xxxxxxxxx> wrote in message
news:1184334398.391549.208600@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Jul 13, 7:32 pm, "dancer" <dan...@xxxxxxxxxxxxx> wrote:
Using Asp.net 1.1 and Vb.net
I am learning to update a database using the following:
DBConnection = New OledbConnection("Provider=Microsoft.Jet.Oledb.4.0;" &
_
"Data Source=C:\Inetpub\wwwroot\Acc.mdb" )
My application works with no problem on my remote host computer.
On my own computer, using iis and localhost to test it, I got the error,
"Operation must use an updateable query."
1. As instructed, to get rid of this error, I gave full permissions for
the
folder, "wwwroot", where the Acc.mdb file resides, to the account - in
this
case it was "Internet Guest Account( ..... )" (This seemed the logical
choice) I did it by right clicking on the folder name, then clicking
properties, then security, and scrolling to the account name.
I still got the error message.
This account name does not exist on the folder, "Inetpub" if I right
click,
properties, etc.
2. As instructed, I went to the config folder - path -
Winnt\Microsoft.net\Framework\v1.14322\config\machine config, and changed
<identity impersonate="false"> to <identity impersonate="true">
NOW, I get the message System.Data.OleDb.OleDbException: Unspecified
error,
the line called out as the problem being "DBConnection.Open()" which
follows the DBConnect = New.... above
Who has the answer?
Thank you.
hi,
also set a valid user and password
<identity impersonate="true" userName="xx" password="xx"/>
nahid
http://nahidulkibria.blogspot.com/
http://www.kaz.com.bd- Hide quoted text -
- Show quoted text -
hi its ok,
no user name and password should be a power user of the server you
host your application to get all privilege of that user
check it out
http://support.microsoft.com/kb/306158
nahid
http://nahidulkibria.blogspot.com/
http://www.kaz.com.bd
.
- Follow-Ups:
- Re: Unspecified error - Permissions
- From: dancer
- Re: Unspecified error - Permissions
- References:
- Unspecified error - Permissions
- From: dancer
- Re: Unspecified error - Permissions
- From: nahid
- Re: Unspecified error - Permissions
- From: dancer
- Re: Unspecified error - Permissions
- From: nahid
- Re: Unspecified error - Permissions
- From: dancer
- Re: Unspecified error - Permissions
- From: Juan T. Llibre
- Re: Unspecified error - Permissions
- From: dancer
- Re: Unspecified error - Permissions
- From: Juan T. Llibre
- Re: Unspecified error - Permissions
- From: dancer
- Unspecified error - Permissions
- Prev by Date: Re: IIS sends empty .CSS file
- Next by Date: Re: Unspecified error - Permissions
- Previous by thread: Re: Unspecified error - Permissions
- Next by thread: Re: Unspecified error - Permissions
- Index(es):
Relevant Pages
|
