File permission problem

Discussion in 'ASP General' started by Richard Muller, Oct 15, 2003.

  1. Hi,

    I new to ASP. I have a problem with an ASP script opening a file for
    writing on my server. Here's how I got to this error:

    I downloaded a neat FileUpload ASP example from
    http://www.asp101.com/articles/jacob/scriptupload.asp.

    I copied to my wwwroot folder on my Win2000AS/SP4 server:
    - main .asp file
    - a subordinate .asp file that the main file references; and
    - a webform .html file

    Because of the problem I encountered I added a number of debugging
    statements to the script. Then I invoked the webform from a workstation
    using IE6.0 by referencing the server's IP address appended with webform
    ..html file's name.

    I completed the form with:
    - Name: RLM
    - File: F:\_Projects_Current\_Projects_ASP\Test\Upload_test.txt
    and clicked Submit. I got the following error:

    Microsoft VBScript runtime (0x800A0046)
    Permission denied
    /upload.asp, line 137

    The offending line is:
    Set oFile = oFS.CreateTextFile(sPath & FileName, True)

    I commented out this line, which then yielded:
    Thank you for your upload RLM
    Saving to folder D:\UploadedFiles\
    Validating existence of folder D:\UploadedFiles\
    Saving data to D:\UploadedFiles\Upload_test.txt
    File Uploaded: Upload_test.txt
    Size: 21 bytes
    Type: text/plain

    Any ideas on how I can fix this?

    --

    Regards,
    Richard

    I can resist everything except temptation
    Lord Darlington in "Lady Windermere's Fan" by Oscar Wilde
     
    Richard Muller, Oct 15, 2003
    #1
    1. Advertising

  2. Richard Muller

    Ray at Guest

    Assuming you're using anonymous access on your site (the default), you'll
    have to give IUSR_<computername> NTFS write permissions to the directory to
    which you're trying to save the file, D:\UploadedFiles.

    Ray at work

    "Richard Muller" <> wrote in message
    news:...

    >
    > Microsoft VBScript runtime (0x800A0046)
    > Permission denied
    > /upload.asp, line 137
    >
    > The offending line is:
    > Set oFile = oFS.CreateTextFile(sPath & FileName, True)
    >
    > Saving to folder D:\UploadedFiles\
     
    Ray at, Oct 15, 2003
    #2
    1. Advertising

  3. Hi Ray,

    Many thanks for your response. I was sure you were putting me on the right
    track. I just wasn't sure whether I could follow the track :) Here's what
    I did, but still wound up with Permission Denied. Any other suggestions?

    Regards,
    Richard Muller

    > Assuming you're using anonymous access on your site (the default)


    I verified anonymous access as follows:
    In Microsoft Management Console for IIS,

    right-clicked the one-and-only entry, the server name, and clicked
    Properties

    clicked the Directory Security tab

    clicked the Edit button in Anonymous access and authentication control group

    accepted default: Anonymous access checkbox checked

    accepted default: Integrated Windows authentication checkbox checked


    > IUSR_<computername> NTFS write permissions to the directory to
    > which you're trying to save the file, D:\UploadedFiles.


    I tried to provide write permissions to that folder as follows:

    I right-clicked that folder name in Windows Explorer on the server,

    clicked Properties which opened the UploadFiles Properties dialog,

    clicked Web Sharing tab,

    clicked the Share this folder radio button,

    accepted the defaults of: Read, Write and Scripts.



    Still got Permission denied.



    Again opened the UploadedFiles Properties dialog,

    clicked Sharing tab,

    clicked the Share this folder radio button,

    accepted the default sharename UploadedFiles

    clicked the Permissions button which opened the Permissions for
    UploadedFiles dialog,

    clicked Remove on the Everyone class of users,

    clicked the Add button (closing the Permissions for UploadedFiles dialog),

    double-clicked my workstation's name and OK in the Select Users, Computers
    or Groups dialog,

    clicked (Allow) Full Control on workstation's name.



    Still got Permission denied.



    Stopped and restarted IIS

    In Microsoft Management Console for IIS.

    right-clicked the one-and-only entry, the server name

    clicked Stop IIS

    After it stops, right-click the server name

    clicked Restart IIS



    Still got Permission denied.
     
    Richard Muller, Oct 15, 2003
    #3
  4. Richard Muller

    Ray at Guest

    Undo all the sharing stuff that you did unless you really want to share this
    directory on your network.

    When you pull up the properties dialog for that folder, you ~should~ have
    these tabs:

    Windows XP:
    General
    Sharing
    Security
    Web Sharing
    [Customize]

    Windows 2000:
    General
    Web Sharing
    Sharing
    Security


    Windows NT 4:
    I forget.


    You want to set the permissions on the SECURITY tab. Add the IUSR to the
    list of users with permissions and give that user permissions to write and
    modify contents. If you do not have a security tab, your drive is not NTFS.
    If that is the case, there's some other issue. AV software maybe?

    Ray at work



    "Richard Muller" <> wrote in message
    news:...

    >
    > Again opened the UploadedFiles Properties dialog,
    >
    > clicked Sharing tab,
    >
    > clicked the Share this folder radio button,
    >
    > accepted the default sharename UploadedFiles
    >
    > clicked the Permissions button which opened the Permissions for
    > UploadedFiles dialog,
    >
    > clicked Remove on the Everyone class of users,
    >
    > clicked the Add button (closing the Permissions for UploadedFiles dialog),
    >
    > double-clicked my workstation's name and OK in the Select Users, Computers
    > or Groups dialog,
    >
    > clicked (Allow) Full Control on workstation's name.
    >
     
    Ray at, Oct 15, 2003
    #4
  5. Hi Ray,

    On my Windows2000AS/SP4 server,

    in D:\UploadedFiles | Properties menu item | Security tab | Add button ==>
    Select Users, Computers, or Groups dialog

    "MachineName for Workstation 1" said to be in folder "MyDomain"/Computers
    with a PC icon

    "MachineName for Workstation 2" said to be in folder "MyDomain"/Computers
    with a PC icon

    "MachineName for Server" said to be in folder "MyDomain"/DomainControllers
    with a PC icon

    IUSER_"MachineName for Server"

    No other IUSER_xxx



    I added both workstations and gave the all permissions except Full Control

    Got same Permission denied for server file D:\UploadedFiles

    BTW, I undid my the shares I had created



    Grasping at straws, I made a new website: UploadedMaterial

    I opened MMC on Workstation 1

    I connected to the server

    I right-clicked Default Web Server and clicked New | Virtual Directory

    I gave it the alias UploadedMaterial and pointed it to D:\UploadedFiles

    I adjusted the .asp to look for the “directory” UploadedMaterial,

    which terminated the update process prematurely because of ASP statement

    If Not oFS.FolderExists(sPath) Then Exit Sub,

    where sPath had the value UploadedMaterial

    Suppressing that check led the error Path not found instead of the previous
    Permission denied.



    Thinking that perhaps my internet connection to IIS might have gotten
    wrecked with all the changes I made, I gave IE the address http://MyServer,
    which dutifully returned a page that include the line This is
    D:\inetpub\wwwroot\default.asp, which is indeed in my default.asp folder in
    the indicated directory, which is the directory assigned to my Default Web
    Site.



    Can you think of any other possible error of omission or commission I might
    have made? As you chave no doubt observed, I don’t have much network
    administration experience, despite decades of application-developer
    experience.



    Regards,

    Richard Muller
     
    Richard Muller, Oct 15, 2003
    #5
  6. Richard Muller

    Ray at Guest

    "Richard Muller" <> wrote in message
    news:evt%23%...
    > Hi Ray,
    >
    > On my Windows2000AS/SP4 server,
    >
    > in D:\UploadedFiles | Properties menu item | Security tab | Add button ==>
    > Select Users, Computers, or Groups dialog
    >
    > "MachineName for Workstation 1" said to be in folder "MyDomain"/Computers
    > with a PC icon
    >
    > "MachineName for Workstation 2" said to be in folder "MyDomain"/Computers
    > with a PC icon
    >
    > "MachineName for Server" said to be in folder "MyDomain"/DomainControllers
    > with a PC icon
    >
    > IUSER_"MachineName for Server"
    >
    > No other IUSER_xxx
    >


    Is this a DC? What account is IIS running under (or that directory with
    your asp file anyway)?

    At least we know the drive is NTFS. Look, just give everyone full control
    for a moment or two to determine if it is even a permissions issue. Do it
    the simple way by entering this at the command prompt:

    cacls D:\UploadedFiles /e /g everyone:f


    If that works, remove everyone and then give the same permissions to the
    IUSR account that your site is using.

    Ray at home
     
    Ray at, Oct 16, 2003
    #6
  7. Hi Ray,

    > Is this a DC?


    Yes, the Win2000 Advanced Server is a Domain Controller. It's running, as
    I recall from the setup I implemented last year, a Windows 2000 network
    with no sub-2000 machines allowed on it, e.g. Win98 or WinME.

    > What account is IIS running under (or that directory with your asp file

    anyway)?

    I don't know how to determine that. I'll try to figure it out tomorrow
    sometime.

    > At least we know the drive is NTFS.


    Absolutely: On the server, on a Win2000 workstation (#1) and on a WinXP/Pro
    workstation (#2)

    > Look, just give everyone full control > for a moment or two to determine

    if it is even a permissions issue. Do it the simple way by entering this
    at the command prompt: cacls D:\UploadedFiles /e /g everyone:f

    Will do tomorrow sometime.

    > If that works, remove everyone and then give the same permissions to the

    IUSR account that your site is using.

    OK. I assume you mean the one-and-only IUSR_[ServerName] account that I
    mentioned.

    Thank you very much for hanging in there with me as I wrestled with this
    "alligator." I've definitely learned a lot, for which I'm grateful.

    Regards,
    Richard
     
    Richard Muller, Oct 16, 2003
    #7
  8. Richard Muller

    Ray at Guest

    "Richard Muller" <> wrote in message
    news:...
    > Hi Ray,
    >
    > > Is this a DC?

    >
    > Yes


    EEGS! ;]

    > the Win2000 Advanced Server is a Domain Controller. It's running, as
    > I recall from the setup I implemented last year, a Windows 2000 network
    > with no sub-2000 machines


    Must be nice... I'm still stuck with some 95 machines and plenty of NT
    machines.


    > > What account is IIS running under (or that directory with your asp file

    > anyway)?
    >
    > I don't know how to determine that. I'll try to figure it out tomorrow
    > sometime.


    Right click My Computer
    Click Manage
    Expand Services and Applications
    Expand IIS
    Expand your Web site
    Right click on your directory with this asp file.
    Click Properties
    Click on the Directory Security Tab
    Click the Edit button in "Anonymous access and authentication control
    Click the Edit button in that dialog in the Anonymous access area (the
    checkbox should be checked. If not, ignore the rest of this post and go
    back and set permissions for domain users on that target directory)
    Take note of the value in the Username textbox. It is probably
    IUSR_nameOfDC. This would be a domain account.
    Cancel or Esc out of everything.

    To set the permissions for this target directory, enter this at the command
    prompt.
    cacls \\nameOfDC\d$\UploadedFiles /e /g
    netbiosStyleDomainName\IUSR_nameOfDC:f


    > Thank you very much for hanging in there with me as I wrestled with this
    > "alligator." I've definitely learned a lot, for which I'm grateful.


    No problem. I'll check back tomorrow.

    Ray at home
     
    Ray at, Oct 16, 2003
    #8
  9. Hi Ray,

    Without further ado, let me say SUCCESS!

    > EEGS! ;]


    What's this? I asked Google: Environmental & Engineering Geophysical
    Society
    didn't seem quite right. Neither did Electroencephalograph. :)

    But I did find :] on http://members.aol.com/bearpage/smileys.htm

    > Must be nice... I'm still stuck with some 95 machines and plenty of NT
    > machines.


    I'd speculate that you're a network administator for a small company; if it
    were a large company, it'd be more up-to-date. At least that's my
    experience in decades of consulting in software development.

    > > > What account is IIS running under (or that directory with your asp

    file
    > > anyway)?
    > >
    > > I don't know how to determine that.


    Thank's for the blow-by-blow description. I got the domain account
    painlessly because of it.

    > To set the permissions for this target directory, enter this at the

    command
    > prompt.
    > cacls \\nameOfDC\d$\UploadedFiles /e /g
    > netbiosStyleDomainName\IUSR_nameOfDC:f


    I puzzled over the code for a while because I didn't realize that part of it
    was pseudo-code explaining the other pseudo-code. Happily, the cacls
    command with no args presents a help list like a good netizen, so after a
    few missteps I reached nirvana.

    I long ago took a stab at going through NT Security, but it was dull and I
    didn't have a pressing need for it, so I dropped it. This experience has
    peeked my interest in it, so I just cracked open my copy of Inside Windows
    NT, 1998 edition. Maybe I'll even get an up-to-date copy.

    Anyway, thanks for all the help.

    Stay in touch,
    Richard Muller
     
    Richard Muller, Oct 16, 2003
    #9
  10. Richard Muller

    Ray at Guest

    "Richard Muller" <> wrote in message
    news:...
    > Hi Ray,
    >
    > Without further ado, let me say SUCCESS!


    Cool!

    >
    > > EEGS! ;]

    >
    > What's this? I asked Google: Environmental & Engineering Geophysical
    > Society
    > didn't seem quite right. Neither did Electroencephalograph. :)
    >
    > But I did find :] on http://members.aol.com/bearpage/smileys.htm


    ha! No, "eegs" is another way of saying "Oh my God" or something. A quote
    from a character on TV, Tony Dimera. Okay, I confess. I watch Days of Our
    Lives.


    >
    > I'd speculate that you're a network administator for a small company; if

    it
    > were a large company, it'd be more up-to-date. At least that's my
    > experience in decades of consulting in software development.


    HA! I'm a programmer at a medium sized company (I guess). $2.7 billion
    bank, which is medium sized.


    > I long ago took a stab at going through NT Security, but it was dull and

    I
    > didn't have a pressing need for it, so I dropped it. This experience has
    > peeked my interest in it, so I just cracked open my copy of Inside

    Windows
    > NT, 1998 edition. Maybe I'll even get an up-to-date copy.


    Outstanding. Yeah, unfortunately, I don't think any IT career can be
    performed in a vacuum. If you program, you have to understand networking,
    permissions, domains, and other such things. And if you're a network admin,
    you have to at least have a clue about how programming works. I hate when
    the network admins say, "Can you write a script to install this
    never-heard-of-before software package onto all the computers in the company
    from the intranet?

    Uh, no. Buy SMS. :]

    Ray at home

    >
    > Anyway, thanks for all the help.
    >
    > Stay in touch,
    > Richard Muller
    >
    >
    >
     
    Ray at, Oct 17, 2003
    #10
  11. > Okay, I confess. I watch Days of Our Lives.
    No problem. I'm a West Wing junkie. IMHO, it's got the sharpest dialog
    and most realistic scences of any series I've ever seen. The current
    season's offering has lost some of the show's luster because a major cast
    member and the show's creator are gone.

    > Yeah, unfortunately, I don't think any IT career can be
    > performed in a vacuum. If you program, you have to understand networking,
    > permissions, domains, and other such things.


    I agree in general. However, I've almost always worked in large
    institutions which had network administrators that prevented app developers
    from making any changes to network configuration. That's why I've never
    paid much attention to it. But I decided to put up a website on my own
    server and eventually open it to the public. Hence the present need for
    hands-on networking.

    > Buy SMS. :]


    I'm not ready for mobile communications right now. I want to keep my on
    website development with "traditional" access, along with good design to
    make it attractive, good content to make it interesting and good security
    to make it reliable. That's enough to worry about for one lone programmer
    (with the technical support of my son, whose a high-level developer in a
    national website, except he's mainly Linux and Unix rather than Windows, and
    big packages like BEA rather than low-level development.)

    I'm on a roll now, working to hook ASP into SQL Server 2000 right now. I'll
    post another plea for help when that turns out to be problematical, but I
    don't really anticipate any difficuly.

    C'ya,
    Richard
     
    Richard Muller, Oct 20, 2003
    #11
  12. Hey Ray,

    I tried to access a SQL Server 7 database using ADO within ASP. I had
    trouble getting it working, so I decided to install SQL Server 2000
    Enterprise Edition over version 7, which failed (probably because of all the
    security updates, etc. done in the past two years to the Win2000 Adv.
    Server SP4 installation.

    If you're still in the mood to help this humble programmer and up to speed
    on the intricacies on SQL Server installations, please take a look at my
    post :
    "Recovery from failed SQL2000 update to SQL7 - How?" on the NG
    "microsoft.public.sqlserver.setup".

    Regards,
    Richard



    "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
    news:...
    > Assuming you're using anonymous access on your site (the default), you'll
    > have to give IUSR_<computername> NTFS write permissions to the directory

    to
    > which you're trying to save the file, D:\UploadedFiles.
    >
    > Ray at work
    >
    > "Richard Muller" <> wrote in message
    > news:...
    >
    > >
    > > Microsoft VBScript runtime (0x800A0046)
    > > Permission denied
    > > /upload.asp, line 137
    > >
    > > The offending line is:
    > > Set oFile = oFS.CreateTextFile(sPath & FileName, True)
    > >
    > > Saving to folder D:\UploadedFiles\

    >
    >
     
    Richard Muller, Oct 25, 2003
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Chris
    Replies:
    1
    Views:
    850
    Roy Johnson
    Oct 28, 2003
  2. JRV
    Replies:
    2
    Views:
    424
  3. Umut Tezduyar
    Replies:
    3
    Views:
    175
    Steven Cheng[MSFT]
    Nov 15, 2004
  4. Replies:
    1
    Views:
    210
    Joe Kaplan \(MVP - ADSI\)
    Aug 3, 2006
  5. Replies:
    1
    Views:
    153
    Anthony Jones
    Jul 27, 2007
Loading...

Share This Page