Re: Calling a batch file from IE using asp and vbscript


From: Mark C. (MarkC_at_discussions.microsoft.com)
Date: 12/29/04


Date: Wed, 29 Dec 2004 14:55:03 -0800

Aaron,

Thanks very much for your response. Unfortunately, I had already tried
using Windows Integrated Authentication while using a privileged account and
I tried changing the account from IUSR_MachineName to a privileged network
account and neither option worked. The app seems to run, the batch file is
created, but it fails to run. As a workaround I have been using a scheduled
task to run the file at the top of every hour but now a different sort of
security concern having to do w/ our portal software renders my scheduled
task obsolete. Could you be kind enough to elaborate on your solution w/ the
database/queue and the scheduled task. I'm not quite sure that I understand
what you're getting at. Thanks again.

"Aaron [SQL Server MVP]" wrote:

> The problem is that IIS runs ASP pages by default in the context of
> IUSR_machineName, a very low-level user with few privileges and virtually no
> system access.
>
> You need to either set the IIS application to run in the context of a
> privileged user, change the application to run as windows authenticated and
> not anonymous (and then authenticate as a privileged user), or add
> IUSR_machineName to a group with enough privileges to execute the batch
> file.
>
> Of course, each of these options can potentially become a security hole
> without proper precautions.
>
> So, what I tend to recommend in cases like this is to add the requested task
> to a queue (e.g. in a database), and have a scheduled task wake up and pick
> up new tasks from the queue. Then you don't have to worry about the
> privileges you're exposing directly to your web page, and you can easily set
> the job to run in the context of any user you like and on any schedule you
> like...
>
> --
> http://www.aspfaq.com/
> (Reverse address to reply.)
>
>
>
>
> "Mark C." <MarkC@discussions.microsoft.com> wrote in message
> news:73A73B56-C105-4B6C-98F5-E0C6B509AA38@microsoft.com...
> > I'm trying to call a batch file that I've built using the FileSystemObject
> > and CreateObject("Wscript.Shell"), oShell.Run... in an asp script.
> > Naturally, I can get the script to work from a command line but not from a
> > browser. The page does not throw an error but the oShell.Run... portion of
> > the script doesn't run. Any help would be appreciated. Thanks.
>
>
>
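
The database queue plus scheduled task that the quoted reply recommends, sketched as an added example that is not part of the original thread: the web page only records a request, and a separately scheduled worker running under a privileged account executes it. Python and SQLite stand in for the ASP page's database access and the scheduled job; the table, function and task names are hypothetical, and the placeholder command stands in for the batch file.

```python
import sqlite3
import subprocess
import sys

# Constructed allow-list (assumption): the web page can only name a task;
# the command line itself is fixed here, on the worker side.
ALLOWED_TASKS = {"rebuild_report": [sys.executable, "-c", "print('report rebuilt')"]}

def init_db(conn):
    conn.execute("""CREATE TABLE IF NOT EXISTS task_queue (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
        task_name TEXT NOT NULL,
        requested_by TEXT NOT NULL,
        status TEXT NOT NULL DEFAULT 'pending',
        detail TEXT)""")

def enqueue(conn, task_name, requested_by):
    """Web side (low-privilege account): record a request, execute nothing."""
    with conn:
        cur = conn.execute(
            "INSERT INTO task_queue (task_name, requested_by) VALUES (?, ?)",
            (task_name, requested_by))
    return cur.lastrowid

def run_pending(conn):
    """Worker side (scheduled task, privileged account): drain the queue."""
    results = {}
    rows = conn.execute("SELECT id, task_name FROM task_queue "
                        "WHERE status = 'pending' ORDER BY id").fetchall()
    for task_id, name in rows:
        # Claim the row first so an overlapping worker run skips it.
        with conn:
            claimed = conn.execute(
                "UPDATE task_queue SET status = 'running' "
                "WHERE id = ? AND status = 'pending'", (task_id,)).rowcount
        if not claimed:
            continue
        argv = ALLOWED_TASKS.get(name)
        if argv is None:
            status, detail = "rejected", "task name not in allow-list"
        else:
            proc = subprocess.run(argv, capture_output=True, text=True, timeout=300)
            status = "done" if proc.returncode == 0 else "failed"
            detail = f"exit code {proc.returncode}"
        with conn:
            conn.execute("UPDATE task_queue SET status = ?, detail = ? WHERE id = ?",
                         (status, detail, task_id))
        results[task_id] = status
    return results
```

The account behind the web page needs only INSERT rights on the queue table, so the privileged credentials stay with the scheduled job and are never exposed to the page.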


