Im trying to use the fileupload control. Im using Visual Web Developer Express on my desktop.
My web application is working fine except I cant use the fileUpload control. I get the following error:
ERROR: Access to the path (My_Directory) is denied
I searched and it appears to be a permissions problem. So I attempted to add the user ASPNET and give appropriate permissions to the directory, however, I was unable to add user "ASPNET". User "ASPNET" was not found.
So then I followed the following directions to add user ASPNET via Control Panel > Administration > Computer management. So now I was able to add user ASPNET to the directory and give appropriate permissions but I still got the above error.
http://p2p.wrox.com/net-web-services/5918-creating-aspnet-user.html
Any ideas on why I cant access the directory?
If you're using Vista/Windows 7/Win2003/Win2008, the user you need is the Network Service account. You can verify by seeing what user your application pool is running under.
Grant the proper permissions to that account (if indeed it's the account that your application pool is running under) and you'll be golden. Note also that with Windows 7 and Win2008, the default account could be the ApplicationPoolIdentity, which you can find out more information about at http://forums.iis.net/t/1156692.aspx. Regardless, you can simply switch the account that your application pool is running under to the Network Service account to verify that that is the issue.
Ever figure this out? If you're overwriting files check to make sure they aren't set to read-only.
I've handled these permissions plenty before and had tried everything in the book and on this site and others (I'm on Win7, IIS7.5 also). Sometimes it's the silly little things...
Related
I am trying to deploy an asp.net 4 app to a new microsoft server 2008 R2
I have set up the application as I have done dozens of times before and set the folder permissions appropriately.
I have tried setting the application pool name directly to have write permissions
I have tried setting IUSR, IIS_IUSRS, NETWORK SERVICE and Users.
I have confirmed that windows authentication is disabled and anonymous is enabled as well as forms authentication is enabled. Logging in works fine i can access all pages normally except if i try to write to the folder. Then a password is required box pops up which looks like windows authentication (even though its disabled)
Every post here states and in my past experience says if I set the folder permissions for the defaultidentity application pool it should work, but for some reason this server wont let me do it!
Any help would be most appreciated.
Welp this turns out to be a really weird one. For some reason when SQL reporting services is installed it reserves the folder name "Reports" in any IIS Web application folder regardless of whether your actually using Reporting services. Its not created by default or anything, but if you happen to create folder titled "Reports" dont expect to access anything from it. After many hours of frustration it turns out it's a random reservation which doesn't throw any error just somehow overrides your authentication protocol to use windows authentication for their reserved folder.
Thanks Microsoft!
I assume this is an IIS error, as this doesn't happen if I run the project on my local machine.
I have my stylesheets at ~/Content/css
Any files in that directory won't load on the page, and when I navigate to them directly, I get a server error:
401 - Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied.
This only happens with that directory, I have no problem accessing any other files. Is there something I need to do in IIS7 to stop this?
Open IIS and select site that is causing 401
Select Authentication property in IIS Header
Select Anonymous Authentication
Right click on it, select Edit and choose Application pool identity
Restart site and it should work
It is likely that you do not have the IUSR_computername permission on that folder. I've just had a quick scan and it looks like you will find the information you need here.
If that isn't the case, are you prompted for your username and password by the browser? If so it may be that IIS is configured to use Integrated authentication only, as described here.
Open IIS
select site where you are facing the problem
Select Below
- Right click on Anonymous Authentication and click on edit and follow below
You do not have permision to view this directory or page using the credentials that you supplied.
This happened despite the fact the user is already authenticated via Active Directory.
There can be many causes to Access Denied error, but if you think you’ve already configured everything correctly from your web application, there might be a little detail that’s forgotten. Make sure you give the proper permission to Authenticated Users to access your web application directory.
Here are the steps I took to solve this issue.
Right-click on the directory where the web application is stored and select Properties and click on Security tab.
Click on Click on Edit…, then Add… button. Type in Authenticated Users in the Enter the object names to select., then Add button. Type in Authenticated Users in the Enter the object names to select.
Click OK and you should see Authenticated Users as one of the user names. Give proper permissions on the Permissions for Authenticated Users box on the lower end if they’re not checked already.
Click OK twice to close the dialog box. It should take effect immediately, but if you want to be sure, you can restart IIS for your web application.
Refresh your browser and it should display the web page now.
Hope this helps!
You need to check the folder permissions on your server and check that the account that you are using to run your application has access to that folder.
For me the Anonymous User access was fine at the server level, but varied at just one of my "virtual" folders.
Took me quite a bit of foundering about and then some help from a colleague to learn that IIS has "authentication" settings at the virtual folder level too - hopefully this helps someone else with my predicament.
In our case it was Windows-integrated authentication specified in the app's web.config
BUT the windows-auth module was not installed on the IIS machine at all.
Just adding another possible reason.
Another simple fix I found was to delete the local IIS site (from within IIS Manager) and then re-create the virtual directory from the "Properties" of your web project in Visual Studio.
Setup
There is an IIS 6 application running in a .NET 2.0 App Pool on Server-A. IIS 7 Server-B needs to host that same code-base under a different URL. I created a virtual directory under Server-B's website to the network path of the application on Server-A. I've enabled this virtual directory on Server-B as an application running in its own .NET 2.0 App Pool in Classic Mode. Both app pools run as the same domain account that has access to that folder.
Issue
When accessing the site from Server-A it works fine. Accessing it from Server-B however generates the infamous "Required permissions cannot be acquired." error.
I have been trying to find a solution to this problem for two days. The two most common solutions have been to check the CLR Trust level on the Server-B box or to set the Load User Profile property on the App Pool to "True". Since I have full administrative rights I set the Trust level to Full and set the profile sitting to "True". Strongly naming all the assemblies the application and throwing them in the GAC is not where I want to go.
I'm sure I'm just missing some configuration somewhere. Any ideas? Thanks.
We have had a similar problem once.
In our case the user that was the identity of the app pool have never logged on to the server. Therefore, there was no local user profile, therefore there was a problem when the system tried to use the profile.
As a test try and set the identity of the app pool to the admin account you use to log in with.
Manually verify that user can access that share. Try logging into windows as that user and then accessing that share (or fake it with something like a "runas /User:{Domain\UserName} net use {\server\share}").
Also try loading ShareMonitor wherever the files actually live. It should tell you what user account is trying to access a given share. It might not be the account you think it is. I cannot recall if it was this program or not, but I have used something very similar in the past to figure out a really odd permission problem.
That should determine if it is a file access problem. If it isn't, then all I can say is to make sure you have ASP.NET enabled (on windows server it is a separate option).
Also check out the file permissions on your "Temporary ASP.NET Files" directory. I've had to explicitly add users write access to that before to get things working.
in my case my IIS App Pool had LoadUserProfile=false, so it was not loading the profile of the app pool's Identify (a domain account). This caused this unable to acquire permissions even though my Webroot files/folders (including /bin) had correct permissions. Setting LoadUserProfile=true fixed the issue for my setup.
I would set that application pools identity attribute (in advanced settings) as administrator. That way, you application will work on the server, just like it works on the local setup.
Unfortunately I don't have a whole lot of information on this.
I have a customer who has moved their site from an ancient system to IIS7 on Windows 2008 Server. Info about the error is below:
Error:
E:\wwwroot\sp\xxx\online_data.xls
Microsoft VBScript runtime error '800a0046'
Permission denied
/xxx/oat/exceldata.asp, line 52
Code:
49 response.write(server.mappath("online_data.xls"))
50
51 set fso = createobject("scripting.filesystemobject")
52 Set act = fso.CreateTextFile(server.mappath("online_data.xls"), true)
The only suggestion so far is to:
grant the application pool
(DefaultAppPool / Classic AppPool)’s
impersonated identity read and write
permission to the physical folder
which the asp page reside
Will look at this when I get access, but other suggestions would be appreciated.
The provided answer is correct, but I needed a little more detail on how to accomplish it. To make it really easy, follow the steps below. I was setting up an asp page counter on a sandbox system in our intranet.
Open Computer Management.
Drill down to the IIS server
Management
In the Connections pane, click on
Application Pools
In the Application Pools pane,
right-click on DefaultAppPool and
choose Advanced Settings. Look in
the Process Model section.
By default, the Identity property is
set to ApplicationPoolIdentity.
This is a built-in account.
If it's set to the default, then you
can use the built-in user
machinename\IUSR for your
permissions settings. I had to
specify the machine name because
this is a virtualized server, YMMV.
If it's not set to the default, use
that username for your permissions
settings.
Cancel out of the dialog and return
to Windows Explorer, to the folder
where you need to add permission.
Right-click to get Permission
settings.
Set up machinename\IUSR or the
non-default username you determined
in steps 6/7 above. Grant
permissions as needed.
This helped:
http://learn.iis.net/page.aspx/140/understanding-built-in-user-and-group-accounts-in-iis-7/
The suggestion is correct. If the path to the solution is not immediately obvious for whatever configuration reasons, try running procmon (filter on "online_data.xls") and see who's failing, why, and what user account they run under. Then check the ACLs.
I had a similar problem in Windows 7 and my solution was changing the Authentication. From IIS, select the site, go to Authentication, disable Anonymous Authentication and enable Windows Authentication.
Spent a bit of time with something similar. Even with the correct settings it wasn't working.
I then tried create the actual file first on the server. Turned out to be the trick that worked. Now my ASP page writes to the existing file no problem.
Must be something about creating a new doc from scratch that is another issue.
I have been trying to configure a small website on a Windows Server 2008 running IIS 7. Unfortunately, when trying to load the website I keep getting the error: Server Error 401 - Unauthorized: Access is denied due to invalid credentials.
The permissions on the website folder include read, write, and execute for user ASP.NET v4.0. I even clicked "Check names" before adding the user to folder, to make sure that I spelled everything correctly. But the error continues to show. Also, I noticed that everything works okay if I add "Users" to the permissions for the folders containing the website, but I don't see why this should be necessary. I only want to give ASP.NET v4.0 access to the folder.
Some other noteworthy points include that I'm using the ASP.NET v4.0 application pool, that the managed pipeline is integrated, and that load user profile is set to true.
If anyone has any ideas, I'd appreciated the help. I'm stumped!
EDIT: Does it matter that the website is on the d: drive? I just assumed this wasn't important...
I find I always need to give IIS_IUSRS access.
I'd recommend you to use the Process Monitor to detect which user is actually accessing the file.
Here you'll find an explanation about how to achieve that.
Open IIS7 on the server. Highlight the site, and double-click on the Authentication icon in the Security Section. Check that Anonymous Authentication is enabled.
Some troubleshooting links for this particular issue:
http://support.microsoft.com/kb/902160
http://support.microsoft.com/kb/907273