Re: IIS6.0 not allowing file creation on Windows Server2003
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 07/06/04
- Next message: David Wang [Msft]: "Re: Session variables lost"
- Previous message: David Wang [Msft]: "Re: truncated output with IIS6"
- In reply to: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Next in thread: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Reply: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 5 Jul 2004 20:32:17 -0700
Run FileMon (www.sysinternals.com) and IIS6 in native mode, and see what is
getting "access denied". I suspect it is now "Network Service".
If so, here is what is going on:
1. At all times, the ACL you need to give depends on the user identity that
is executing the code to create the file.
2. With ASP.Net, this is controlled by the "impersonate" configuration. It
can be set to impersonate a built-in identity, the identity IIS passed
along, or not-impersonate and use the process identity.
3. The IIS identity depends on the authentication type you configured in IIS
4. The process identity depends on the IIS process model. If it is IIS5
Isolation Mode, ASP.Net controls the process model of ASP.Net pages, so
ASPNET (or whatever configured identity) is the process identity. If it is
IIS6 native mode, then ASP.Net won't control its process model, and it is
the process identity of the IIS6 Application Pool that matters(default is
Network Service).
I suspect that you have impersonate=no, meaning that in IIS5 Isolation Mode
that ASPNET is the identity, and in IIS6 native mode it is "Network
Service".
If so, you have some decisions to make. The easiest way to emulate
ASP.Net's process model with IIS6 native mode is to create separate
Application Pools in IIS6 whose Custom Application Pool identity match
ASP.Net's identities. Then, you configure the ASP.Net application to the
appropriate Application Pool and don't need to touch anything else.
i.e. create an Application Pool whose process identity is ASPNET, add the
ASPNET user to IIS_WPG group, configure your ASP.Net application to use this
Application Pool, and ACL to ASPNET as you did before.
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Cathie Hagen" <cathie@bob.com> wrote in message news:uhHc3quYEHA.4068@TK2MSFTNGP10.phx.gbl... I have given the ASPNET user full controll over the folder that the folder that the file is created in. The file, since it is being created, does not have any permissions as yet. A last piece to the puzzle might be that I'm using xmlpdf to create the file. This code and settings work perfectly fine in Windows XP and Windows Server 2000 but when I have the application on a Windows 2003 box I have to set IIS to IIS 5 compatibility mode if I want the file to be created. I would prefer not to set IIS to IIS 5 compatibility mode so I'm looking for information on what specific setting I may have not set. Thanks, Cathie "Jeff Cochran" <jeff.nospam@zina.com> wrote in message news:40ec5d11.867396460@msnews.microsoft.com... > On Mon, 5 Jul 2004 13:15:26 +1000, "Cathie Hagen" > <cathie@somewhere.com> wrote: > > >I'm having an error creating a file in my ASP.NET (C#) application on > >Windows2003. If I set IIS to run in IIS5 compatibility mode I have no > >problem creating a file in the application. Otherwise there is no file > >created. I would like to work out what security settings I need to create > >the file in IIS6 normal mode. Any ideas? > > Check security settings such as file/folder permissions. Check the > log files. > > Jeff
- Next message: David Wang [Msft]: "Re: Session variables lost"
- Previous message: David Wang [Msft]: "Re: truncated output with IIS6"
- In reply to: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Next in thread: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Reply: Cathie Hagen: "Re: IIS6.0 not allowing file creation on Windows Server2003"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
