Re: Virtual Directory - Permission Denied with fso CopyFile
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 09/26/04
- Next message: Davie: "Form Submission Problem"
- Previous message: David Wang [Msft]: "Re: Custom 401 page problems"
- In reply to: Barry: "Re: Virtual Directory - Permission Denied with fso CopyFile"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 26 Sep 2004 04:00:24 -0700
You don't need to use a new user. You just need to make sure the same
username/password exists on both servers.
IUSR_MachineName is machine-only and has different passwords on different
machines, so it is quite useless for network access unless you've explicitly
synchronized that account between multple machines.
As I described earlier in my post, I used users with the same credentials on
both IIS and the UNC server, and everything works as it should. Either use
a shared domain account (so credentials stay the same), or create the same
username/password on both machines.
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Barry" <no_one@home.net> wrote in message news:%23F$HA$WoEHA.3792@TK2MSFTNGP11.phx.gbl... Finally figured this one out. We created a new user instead of using the INETUSR_MachineName and everything is working fine now. Thanks for your help. Barry "Barry" <no_one@home.net> wrote in message news:Of5vpl0lEHA.3428@TK2MSFTNGP11.phx.gbl... > David, > > In answer to your questions: > 1. The fso.CopyFile is server side. The pdf generation is on our server as > well as the copying of the file to the archive directory. > 2. Domain Admins, Enterprise Admins, Everyone and IUSR_<machinename> have > all privledges on the filesystem > 3. Everyone has full control, change and read for the share > > -I've setup the site to use the IUSR_<machinename> in the "Connect As" > > I went through all these steps and I'm still getting the access denied > error. > > Any ideas? > > Thanks, > Barry > > > > "David Wang [Msft]" <someone@online.microsoft.com> wrote in message > news:u25%23DKxlEHA.3520@tk2msftngp13.phx.gbl... > > Access denied with filesystems indicates that the identity executing the > > CopyFile does not have permissions on the named remote resource. Thus, > you > > need to clearly describe your settings such that you can determine what > the > > identity is, and what the permissions are. Please clarify the following: > > > > 1. Is Fso.CopyFile executed as client-side script or server-side script > > (i.e. is the PDF copied from the user's machine to the archive server, or > > from the web server to the archive server). > > 2. What are the ACLs of the Filesystem namespace mapped to the UNC share > > 3. What are the ACLs of the UNC share itself > > > > "Connect As" only affects IIS retrieving resources from remote servers, > > while Fso.CopyFile is script executed by a ScriptEngine with no relation > to > > "Connect As". Based on your current description, you should: > > 1. Set "Connect As" to be the IUSR. Make sure this IUSR account exists on > > both web server and archive server and has the same credentials (i.e. you > > can use either two identically named local accounts with synchronized > > passwords, or a single domain account). > > 2. Set the ACLs of the FileSystem namespace to allow Write & Modify access > > to IUSR (if server-side script) or the individual remote authenticated > user > > (if client-side script) > > 3. Set the ACLs on the UNC share to Everyone:Full. This allows you to > > control access with purely filesystem ACLs without the confusion of the > UNC > > share ACLs > > > > I suggest reading this URL for more info on how UNC shares work. > > > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/remstorg.mspx > > > > -- > > //David > > IIS > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > // > > "Barry" <no_one@home.net> wrote in message > > news:ekqu4LnlEHA.3988@tk2msftngp13.phx.gbl... > > I have 2 servers running win2k, one is a web server and the other is going > > to be an archive server. The process would be that a user generates a pdf > > report, and then they would choose to archive the report in which the file > > would then be copied to the archive directory. > > > > Both servers are running win2k which is currently my test servers and my > > live servers will be win2k3. I've setup the archive directory for sharing > > and given everyone all permissions except full control. I've setup the > > virtual directory within my site using \\<ip>\archive, where the connect > as > > has been setup using my username/password (I'm a domain admin, this is too > > wide open, but I'm just trying to get it to work for now). The site is > > using anonymous access. I've even given the archive directory anonymous, > > everyone and iusr_machinename sharing and security permission for all > > permissions except full control. > > > > The problem that I'm running into is when a user selects save, I create a > > FileSystemObject and use the CopyFile function to which I get a permission > > denied error. > > > > Any ideas? > > > > Thanks, > > Barry > > > > > > > > > >
- Next message: Davie: "Form Submission Problem"
- Previous message: David Wang [Msft]: "Re: Custom 401 page problems"
- In reply to: Barry: "Re: Virtual Directory - Permission Denied with fso CopyFile"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
Loading
