Re: That stupid can't execute error is driving me insane
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 03/16/04
- Next message: David Wang [Msft]: "Re: Enableing POST in IIS 5.1 on XP"
- Previous message: Olle Westin: "Languagesettings."
- In reply to: Mike: "That stupid can't execute error is driving me insane"
- Next in thread: Jonathan Maltz [MS-MVP]: "Re: That stupid can't execute error is driving me insane"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 16 Mar 2004 15:20:04 -0800
This error comes up when the vdir does not have "Scripts" or "Scripts and
Executables" Execute Permission and you try to access a URL that is either
scriptmapped or has an executable extension like .dll, .com, or .exe. It
also happens if you have a folder name that has ".com" in it -- and there is
no work-around for this one.
I have no idea what other settings you have active in regards to mappings
and scripts -- they are all irrelevant to running an EXE on the server and
may be causing your issue.
It is pretty simple and straight forward to allow an executable on the
server, you just need to do:
1. Make sure the EXE is ACL'd to allow Read to the remote authenticated user
from IIS
2. Make sure the vdir that is mapped to the physical directory containing
the EXE has "Scripts and Executables" Execute permission.
3. On IIS6, you need to add and enable a Web Service Extension containing
this EXE
Thereafter, requests to /vdir/my.exe should execute the EXE on the server.
Here is a simplistic view of how IIS does request processing:
1. Given a URL, IIS must decide what to do with it by determining whether
the URL's extension is mapped to something that is static or dynamic.
2. If the mapping is static, the static file handler just reads the file and
sends it back. This is the classic "download"
3. If the mapping is dynamic, then IIS decide whether the URL should be
handed to a Script Engine (via an Application Mapping) as a script -- this
is how PHP, PL, ASP, etc work -- or if the URL should be directly executed,
like CreateProcess* on a EXE or calling the ISAPI entry point functions.
4. If the URL's extension matches the extension of an Application Mapping,
IIS loads the Script Engine associated with that mapping and gives it the
URL -- the Script Engine is responsible for generating all response content
at that point
5. If the URL's extension matches an executable like DLL or EXE, IIS
directly executes it, either as a CGI via CreateProcess* or calling
GetExtensionVersion and HttpExtensionProc for an ISAPI, and this execution
is responsible for generating all response content.
The modification IIS6 makes is at #4 and #5, prior to IIS loading the Script
Engine or ISAPI/CGI, IIS will make a check against the list of allowed Web
Service Extension and make sure that the executable is allowed to run. If
not, IIS will send back a 404 response and log a 404.2
403.1 happens when IIS decides that the URL's mapping is dynamic, but the
URL is not configured to have Scripts or Executables privilege.
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Mike" <hopkinsmike@hotmail.com> wrote in message news:c48f1a39.0403160958.4d79c8ac@posting.google.com... I keep getting this message when trying to run an executable using the IIS. HTTP 403.1 Forbidden: Execute Access Forbidden Internet Information Services I've tried all the various obvious techniques like changing the permissions on the virtual folder in MMC to allow execute, the folder has read access, the mapping is set up to recognise the executable from the extension and allow scripts. I just can't see what is causing the problem. Any suggestions? Cheers.
- Next message: David Wang [Msft]: "Re: Enableing POST in IIS 5.1 on XP"
- Previous message: Olle Westin: "Languagesettings."
- In reply to: Mike: "That stupid can't execute error is driving me insane"
- Next in thread: Jonathan Maltz [MS-MVP]: "Re: That stupid can't execute error is driving me insane"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
