I have created an ASP.NET website using VB.NET. The functionality of the website generates a .bat file and saves it in a location - it then uses Process.Start(filelocation) to run the bat file.
This works fine when in debug mode on my PC - but when I have uploaded the website on to an IIS 7 server, it creates the file (proving that it has access to the area), but seemingly cannot run it?
I am assuming there is a permission issue here - Any ideas what I am missing?
Thanks
Guy
Every webapp in IIS run under a specific user. Check if that user has privileges to run applications, in particular the *.bat (in your output directory) and related *.exe files.
If you do not use impersonation, you can set the user at App pool level.
My suggestion is to create a dedicated Windows user with the right permissions and run the app pool under that user. The app pool should contains only your web application.
Related
I have solution in which there are two projects one is a web project and one is a windows application. The windows application does some file read write things. Recently I have got a requirement to refer those in Web project. I referred the windows project in my web project and it worked great.
But the issue is there is a file writing part in Windows Project which is triggering an Access Denied error. When I am running locally its not triggering that file error. When running from IIS that error triggers.
You need to assign Write access to IIS_IUSRS user group in that folder. Just right click on the folder, go to security tab and add IIS_IUSRS with read + write access and click OK.
I have an asp.NET web app which application pool is .NET 2.0
I have following code to generate PDF file(with crystal report):
Response.ContentType = "application/pdf"
Response.WriteFile(PDFFileName)
it puts a pdf file on a specific folder.
It's working fine for long time. but after network changed, it is not working anymore. I guess it is permission issue. With about code, which account should have the write permission on the folder? Is it ASPNET Account?
could be ASPNET or could be NETWORK Service
it depends on what your app pool settings are set to for the user account.
Go into IIS manager and find the app pool your application is running on and see what the account setting is. This is what your website will run under and thus the folder you are writing too will require the account added to the permissions.
Every time the ASP.NET application in question throws an error the Global.asax writes to an error file: logs\error.log. The ASP.NET applications works using Windows authentication.
I am able to write to the log file when debugging using Visual Studio, however it does not work when the application is deployed in the live environment. How do I find out what user account I need to give access to: logs/error.log?
The application is deployed on a Windows 2003 Server with IIS6. Microsoft.NET 3.5.
You would have to give the required permissions to the network service account. This link might be able to help you out.
Windows Server 2003 defaults to the "Network Service" account.
This can be verified by opening IIS (expand the computer if needed), expand the "Application Pools" folder, right click on the pool used by your web app, and go to the Identity tab.
FYI: Windows Server 2008 uses the IIS_IUSER instead of Network Services.
I hope that logs folder is a virtual directory setup outside the web site directory.
Otherwise every time you deploy the entire solution you will overwrite the logs folder and its content.
Microsoft has a tool for monitoring file access that can be useful for troubleshooting permission issues.
Process Monitor - http://technet.microsoft.com/en-us/sysinternals/bb896645
You will also want to check if your application is using windows authentication & identity impersonation since that can change the identity the application is executing with when enabled.
I am in the process of deploying a web application on IIS5 on my server which runs windows XP.So when i run my application in visual studio its perfect.But when i deployed it into IIS it throws me an error saying that the access denied to a particular file.
My app reads a xml file based on the input(which is nothing but the other system in the network).As i browsed to the properties of that file manually and unchecked the read only attribute,still it dint work out.Can any one guide me to the proper solution ?
you might have to give read/write (if needed) to following users:
iis_wpg
network service
aspnet
In IIS, your site runs under the credentials of the application pool assigned to it. You can either change the credentials of your application pool to an account that has permission to access that file, or else grant access to the default account that the application pool is currently using.
You mention that you are using basic auth...
Generally, the web application will then impersonate the user logged in.
So, if your file isn't accessible by the user that logged in, then it won't be accessible to the web application impersonating them on the system either. You will need to check the permissions of those files and set them accordingly.
Hi: I'm reading up on ASP.NET, and just came to a chapter that explains how to upload a file to your website. It says that in order to save a file to your file system, in the case of every OS except Win Server '03, an ASP.NET page executes in the security context of the ASPNET account. I don't have an ASPNET account running on my machine (win xp pro sp3; .NET 3.5). The program runs fine, by the way, I'm just trying to understand what an ASPNET account is exactly, and why it doesn't seem to show up on my list of user accounts. Thanks.
ASPNET is only used if use IIS. This was the norm in ASP.Net 1.1
However in new versions of Visual Studio IIS is not needed, so it uses an internal web server.
If ASPNET exists in a command window ( Start -> Run cmd Clikc OK) type and press enter
net user ASPNET
you should see the details of the account and in Task Manager you will see a process asp_wp.exe
File Access
The Network Service account has Read and Execute permissions on the IIS server root folder by default. The IIS server root folder is named Wwwroot. This means that an ASP.NET application deployed inside the root folder already has Read and Execute permissions to its application folders. However, if your ASP.NET application needs to use files or folders in other locations, you must specifically enable access.
http://msdn.microsoft.com/en-us/library/ff647402.aspx