Error enumerating shared folder from ASP.NET web form - asp.net

I'm trying to run a method on the loading of a page which will search through a network shared folder and do a particular operation on all .tif files found. Problem is I'm getting an error:
DirectoryInfo dir = new DirectoryInfo(directory);
FileInfo[] tifs = dir.GetFiles("*.tif", SearchOption.AllDirectories); //Throws error.
Exception Details:
System.UnauthorizedAccessException:
Access to the path
'\server\sharename\folder\subfolder'
is denied.
ASP.NET is not authorized to access
the requested resource. Consider
granting access rights to the resource
to the ASP.NET request identity.
ASP.NET has a base process identity
(typically {MACHINE}\ASPNET on IIS 5
or Network Service on IIS 6) that is
used if the application is not
impersonating. If the application is
impersonating via , the identity
will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated
request user.
To grant ASP.NET access to a file,
right-click the file in Explorer,
choose "Properties" and select the
Security tab. Click "Add" to add the
appropriate user or group. Highlight
the ASP.NET account, and check the
boxes for the desired access.
I've tried following these instructions, but I'm not able to add the specified account to the share's permissions. What am I doing wrong?
See Related Question: Trouble accessing network share from asp.net web form

You probably need to impersonate a user that does have access: see http://msdn.microsoft.com/en-us/library/xh507fc5%28v=VS.90%29.aspx

Related

Access to the port 'COM4' is denied

I am using arduino (some micro-controller), and I made an ASP.net page to communicate with it. I connected arduino to serial-port COM4. When I run the ASP.net website, I get the following error:
Exception Details: System.UnauthorizedAccessException: Access to the port 'COM4' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
now i know it may sound like the solution is right there: " to grant asp.net access to..." but i don't know what file they are talking about!
So please can anybody point out the solution ?
PS: I first did a windows form application and it worked. So there is nothing else using the COM4.
Thanks in advance.
Ignoring that it's strange that a web application should talk to a COM port on the server, the issue is as follows: by default an ASP.NET application in IIS runs under a low privilege user (as specified in the error message). That user is not allowed to access the port.
A console application runs under the user who launched it. I'm assuming that's you and you're an admin on the machine.
To get the ASP.NET doing the same open IIS (Start - Run - inetmgr), select 'Application Pools', choose the app pool under which your web application is running, click 'Advanced Settings', set the 'Identity' field to your user.
Restart the app pool and launch the web application.

Deny remote access to ASP.net resource

I have ASP.NET WebService as a part of ASP.NET application. However, some of its methods are not supposed to be invoked directly from browser, they are just accessed by winservice from within the same local network. Is there any way to protect web service from remote access by means of web.config files or IIS configuration with no firewall configuration involved?
Change ACLs on your "non accessable" resources so that IIS_USER has no rights. Create another website that binds to localhost:80. Create a new user account and set that as the login account for the new website. Grant that user read/execute to the files you're trying to obscure.

asp.net: authentication

When I upload my asp.net web application to the server and access to the url link, it is asking for the authentication... if I dont, I got this error message:
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
What should I change in the web.config file in order to get this working as locally?
Thanks in advance
Did you make sure you converted the directory to an application in IIS?
Browse to directory in IIS directory tree
Right click and select "Convert to Application"
Select application pool, and convert

Sharepoint custom aspx page can't connect to database

I have created a custom aspx page within my Sharepoint site with a SQL Server connection to a database on that server to select data. When I view the page it works, but when another user tries to view it it gives the following error :
Server Error in '/' Application.
Login failed for user 'GRINCOR\GuguK'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'GRINCOR\GuguK'.
Can someone give me a solution to this problem? I am using Sharepoint Services 3.0.
From what I can see you can't login on your Database.
Login failed for user 'GRINCOR\GuguK'
This means that the user with Name Guguk can't login.
Maybe you're using Integrated security in your connection string and perhaps you should go with specified credentials instead of having to grant every user who might access the page with permissions in the database.
I would do following:
Create an Active Directory Group with all users that should have access to the SharePoint Site
Add this Group to the SharePoint Site with appropriate privileges (Member)
Add this Group to the MS SQL Server database with appropriate privileges (db_writer?)
I have not tested but I think it should work. It also simplifies the management of the users because you have a central point where you manage users (Active Directory)
Granting Access to a SharePoint page is completely different then granting access to a database.
For the sharepoint page, you have to modify user privileges under "people and groups". Since you mentioned this is a completely custom aspx page, I'm assuming you have it in the _layouts folder in which anybody who has access to your sharepoint site already has permissions to view the page.
For your database, I agree with above. Create a SQL user and use that user in the connection string to the database. This way, no matter who logs into sharepoint they will be using your sql user as credentials for database information.

How do I set access permissions for the search web service in Search Server 2008 Express?

I have installed Microsoft Search Server 2008 Express on a Windows 2003 server and created a search content source (our corporate website) for testing. I can search this source just fine from the Search Centre.
From an ASP.NET web application I am trying to query the provided web service as described here
I am using impersonation settings in the web.config to specify the user account the request runs under but I cannot find out how to set up that user in the Search Server to allow it to make the query.
<authentication mode="Windows"/>
<identity impersonate="true" userName="MyDomain\MyUser" password="myPassword" />
If I use my own network credentials I get the results back, as I am set up with Full Control permissions in the Search Server instance, but when I use an alternate domain account for this (MyDomain\QueryUser) I get this error:
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Attempted to perform an unauthorized operation.
I have added the user to the server in Search Server > Site Settings > Permissions > Add Users and have given the account Full Control but it still cannot use the webservice. Is there a setting somewhere I am missing?
**EDIT
Ok, I have tried Gordon's suggestion and using the credentials the Sharepoint application is using makes the error go away. Also, adding the second domain user to the local Administrators group on the server makes the error go away.
What permissions are these changes granting the webservice? Do I have to resort to using these work arounds or can I give my domain user appropriate permissions in Sharepoint somewhere?
the key to access the Search webservice of MOSS is
1) to authenticate properly
2) to force the MOSS webservice to use that identity
for the first part check if all properties are properly assigned for your networkcredential, i usually provide these:
NetworkCredential credentials = new NetworkCredential(userName, password, domain);
service.PreAuthenticate = true;
service.Url = your_ws_fullurl;
service.UseDefaultCredentials = false;
service.useDefaultCredentialsSetExplicitly = true;
service.Credentials = credentials;
for the second part one solution is to remove the IUSR (IIS anonymous user) the right to access the /_vti_bin/Search.asmx file with IIS (got to the /_vti_bin/ folder, right click to file security properties), this way MOSS will retrieve the credentials provided in the credential cache and you won't have the "unauthorized operation" message

Resources