I currently am in the process of deploying a MVC 3 Web App to an IIS 7 server. When I work on the web app from visual studio and deploy through development server, the web app has no problem using a custom .dll that interacts with a local server. However, when I deploy onto IIS 7, the same dll fails to pull data from the server through the dll. I am assuming this is permissions related. I have assigned the AppPool to use an account I created that is a member of the local 'Adminstrators' account. No Success. My account is a member of this group. One quirk I noticed was when I tried to modify security setting in the %WINDIR%\inetsvr folder, which holds the process that runs web server for IIS, I was unable to modify these setting even tho I am a member of the 'administrator' account. Confused about this, and have been running around in circles trying to figure this one out. Any help would be appreciated.
Your web app's associated user definitely don't need to have access permission to %WINDIR%\inetsvr.
Assuming that your website runs on C:\interpub\myWebsite and .Net 4.0, your web app's user needs to have at least reader access to following folders :
C:\interpub\myWebsite
%windir%\Microsoft.NET\FrameWork\v4.0.30319\Temporary ASP.NET Files
If you don't grant those access to those folder then it is so likely that your app won't run.
Also, visit your site with a browser inside your production server and see the detailed IIS error. That might help to narrow the problem down.
NOTE
Also, be sure that your app pool is in integrated mode because ASP.NET
MVC won't work properly under classic mode if you have extensionless
Urls. It is highly likely that you will get 404.
Related
My ASP-Webpages application needs to write self-generated files to a local folder under its root directory. Everything runs like a charm on- and from my development environment, even to any other given network locations.
The problem is that I can’t get the production environment to do the same. Just no files get created, anywhere. Nor are any exceptions thrown on missing permissions etc. Nada.
I believe I’ve read and tried out just about everything anyone had written on the Internet over the past seven years and I feel like I’m chasing my own behind trying to solve this problem. Should it be really that difficult?
At the risk of getting marked as duplicate I see no other option than to post my question here..
Basically, here is what I have this far:
The production application runs on Windows Server 2008 R2, IIS version 7.5. It has a dedicated Application Pool, with its identity set to ApplicationPoolIdentity (.NET Framework v4 / Integrated pipeline).
Application Basic Settings
Verified AppPool membership of IIS_IUSRS.
Verified Group Membership
User Authentication is set to Windows Authentication.
User Authentication
Should Anonymous Authentication be set to ‘Enabled’ to get the ApplicationPoolIdentity be used? I’ve tried setting it on, but it conflicts with the Windows Authentication, which is an essential part of our application and cannot be switched off.
If so, then how?
Both the Application Pool and the IIS_IUSRS have been granted Read & Write permissions on the folder.
I’ve tried setting Full control, but that didn’t help either.
Folder Security Settings
Here is the (stripped down) code that writes the files to the desired location:
Stripped-down Code
Other (silly) things I’ve tried are:
Playing around with absolute and relative path directions in my code.
Enabling Anonymous Authentication, resulting in a conflict with the necessary Windows Authentication.
Set Application Pool ProcessModel identity to Network Service.
Recycle Application Pool.
Load User Profile ‘On’ for the Application Pool.
Setting IE Enhanced Security Configuration ‘Off’ for users.
Restarting server machine.
Using different browsers.
Give 'everyone' full folder permissions, just to try the effects, nothing..
Set AuthenticatedUserOverride to UseWorkerProcessUser via IIS Configuration Editor. This causes that my application doesn't recognise Current.User.Identity.Name anymore, so it blocks further site access.
What I need is to keep Windows Authentication, but also be able to have the application anonymously write files to a given location.
Can anybody please hint me in the right direction or just tell me what I’ve overlooked?
Thanks!
I am trying to host an ASP.NET Web API 2 project on IIS 10, and I keep getting a page saying Service Endpoint not found.
The project I am using for testing is the sample ProductsApp project here Getting Started with ASP.NET Web API 2. If I run the project in debug, then the page shows up as expected while it is being hosted through VS2012 IIS express at localhost:54170
I am then publishing that project to file using VS2012.
After publishing to file, then I made a new site on IIS 10 at localhost:8080 and point the physical path to the folder that I published the ProductsApp project to.
At this point if I go to browse the site it comes up with a page that all it says is Service Endpoint not found.
I've changed my DefaultAppPool Identity to LocalSystem, so I don't think it's a permissions issue.
How do I get the site to show up like it does when I'm debugging from VS2012, but from IIS 10?
I wasted so much time yesterday trying to figure this out, but this morning with a little fiddling I found my answer which I'm surprised I wasn't able to find anywhere else I looked.
To fix my problem this is all I had to do.
Instead of hosting the ASP.NET content as its own site I just needed to add an application to my default web site with the physical path pointing to the folder that was published from VS2012.
This is obviously my first time using ASP.NET, so I didn't have any of the ASP.NET features installed in IIS. I went to Turn Windows features on or off -> Internet Information Services -> World Wide Web Services -> Application Development Features, then selected all of the ASP folders (ASP, ASP.NET 3.5, ASP.NET 4.6). Edit: Looking back at this, all that was required was turning on the feature ASP.NET 4.6. At the time I didn't know what I was looking for, so I tried to nuke the problem by installing everything with "ASP" in the name.
The DefaultAppPool Identity didn't need to change to LocalSystem, so I changed it back to ApplicationPoolIdentity.
Now I have the ASP.NET site up and running on my localhost.
I have a web project which works fine on my local development machine.
I copied the project to our UAT server, setup a virtual directory pointing to the project and configured it to run on .NET Framework 4.0. I even added the Default.aspx page to the Documents tab. I configured Directory Security to use Windows Authentication.
When i try to access any web page within this application, IIS responds with a blank page. I looked through the event logs and don't see any errors anywhere.
Can someone please help me understand what's going on and how to remedy this?
Thanks in advance!
If you're just seeing a white page with no errors in the event log, it sounds like it could be a problem with the application rather than the hosting environment.
However, there are a few things you could try to doing to troubleshoot this.
Check folder permissions. Try allowing "Everyone" access on your webroot folder and see if that makes any difference.
Confirm that the IIS path is set up correctly but putting a text file in your webroot folder, and then browsing to it and verifying that it's contents are displayed.
Create a basic test.aspx page without any script, just a "Hello World" bit of text, and try browsing to it. Confirm that it displays the correct content.
Edit web.config and turn off custom errors
Try re-registering the ASP.NET extensions with IIS using aspnet_iis (details here)
Hopefully, one of these tests will be able to give you some kind of detailed error message or more insight into the cause of the problem.
For IIS 6.0 on Windows Server 2003, after the install of .NET Framework 4.0, the process of creating Web Sites or Virtual Directories that run under .NET Framework 4.0 is as follows:
Create a new application pool.
Applications running under different
frameworks can't be hosted in the
same application pool, i.e. create
an application pool perf framework.
Next, if you are creating a local
intranet site or virtual directory,
ensure that you don't have "dots" in
the application name. Browsers
confuse the dots to be external web
sites, forcing them to run under
internet zone as appose to the
intranet zone.
Once you create your web site or
virtual directory, make sure that it
runs under an application pool
dedicated for .NET 4.0 applications.
Ensure that when creating your
website or virtual directory, you
click on the ASP.NET tab and select
version 4.0 from the drop down.
Then you may configure as per
normal, with any other additional
settings you may require.
Hope this helps someone experiencing similar issues. Took a while to figure out.
I am trying to deploy the Bugtracker.NET tool (http://ifdefined.com/bugtrackernet.html), which is a normal ASP.NET 2.0 application, into the default web site of an IIS which already has Sharepoint installed in it. The OS is Windows Server 2008 R2, IIS 7.5 and Sharepoint Services 3.0.
The question is that when I execute the application, I get a NullReferenceException because HttpContext.Current.Session is null, and I think that this could be due to a problem with the configuration of the web site, as the application runs perfect in web sites with no Sharepoint installed.
I already know that Sharepoint customizes the web site with handles, modules and so on, that all applications in the web site inherit, modifying their behavior. I have already given to the ASP.NET application Full trust level, enabled Anonymous authentication and InProc session state, but I am still getting that HttpContext.Current.Session is null. Even changing the app pool from Wss3AppPool to DefaultAppPool does not succeed.
Maybe someone could tell me which settings do I need to tweak in the web site in order to avoid this exception.
Many thanks in advance.
José Antonio Arroba
You need to look into Managed Paths and excluding the path to your bugtrackernet app.
However why do you HAVE to use the default web application?
Why not keep your life simple and setup a new IIS web application on a separate host header or subdomain and host your app there.
e.g.
http://bugtracker.yourdomain/
or just
http://bugtracker/
I am developing a remote control application where a client (aspx page in a browser) can request a server to "launch a notepad" (for testing purpose, for real life, turning off a light bulb, etc). So I created a dll with a simple function for launching the notepad (on the server side) and dropped this dll in the root bin folder.
It worked fine when the aspx page is running under ASP.NET development server (launched from Visual Studio). But when I tested the same aspx page under a FireFox browser, it did not work (launch the notepad) even though it did call for the same function (I stepped through in debugger).
Is this a permission issue? How do I set this up in IIS manager, or even better in web.config?
Please help.
Yes, it sounds like a permission issue.
The application pool in IIS 7 that your site is running under is probably using the default identity, which is the most restrictive. You can change the identity in IIS Manager by right-clicking on the app pool (probably called DefaultAppPool) and selecting Advanced Settings. From there change the Identity value to Local Service or Network Service. If neither of those work, making it Local System should allow your page to work.
I assume the Visual Studio integrated web server runs under the context of the account you are logged in with on the machine, which likely has a lot more rights.
When you say:
it did not work (launch the notepad)
Did you mean it through an exception or you didn't see a notepad window open. If it was a permissions issue I would expect you that you would get an exception. Chris is right on when he says:
The application pool in IIS 7 that
your site is running under is probably
using the default identity, which is
the most restrictive.
and
I assume the Visual Studio integrated
web server runs under the context of
the account you are logged in with on
the machine, which likely has a lot
more rights.
and if this is a permissions issue he is right on. However, the user your running under (when not debugging in Visual Studio) most likely cannot access the desktop of the logged in user. Maybe you should try your test with an app that doesn't need to interact with the desktop.