Permissions on new Text File - IIS6 and Windows authentication.

Discussion in 'ASP .Net' started by Merk, Jun 24, 2009.

  1. Merk

    Merk Guest

    The answer to this ASP.NET question might be informed by insight from the
    IIS community - thus posted to both groups.

    I have an ASP.NET 2.0 app that runs on a private corporate Intranet on a
    Windows Server 2003 R@ server, running IIS6. The Web site site is set up to
    use Windows authentication.

    This application writes short entries to a text file for logging purposes.
    The log file writing logic checks the size of the log file. When the log
    file gets too big, it renames the current log file for purposes of archiving
    it, and then creates a new log file.

    The problem I am finding is that the new log file cannot be written to by
    the ASP.NET Web app. File permissions are not adequate. To resolve I have
    been manually adding the permissions to the file for the ASPNET account and
    for the NETWORKSERVICE account.

    I would think that ASP.NET created the file - so it should be able to write
    to it.

    Question: What can I do to have the permissions - required by ASP.NET -
    automatically granted on the text log file that is created by ASP.Net?

    An interesting and relevant observation is that the user who was using the
    ASP.NET Web application does in fact have permissions to the file. To be
    clear, when the application was choking on the file due to insufficient
    permissions, the file permissions showed the user [who was using the
    application when the new file was created] to have permissions on the file -
    with permissions viewed through the file properties dialog, security tab, in
    Windows Explorer.

    The reason I am confident that the user to whom permissions were directly
    and automatically assigned was the user who was using the app when the new
    log file was created - is because the log entries in the file include the
    current user ID... and the only entries in the new log file were for the
    same user ID to which NTFS permissions were automatically assigned.
     
    Merk, Jun 24, 2009
    #1
    1. Advertising

  2. Merk

    Joy Guest

    Hi Mark,

    It seems that you have done most of the things correct. However, ASP.NET
    Application hosted on IIS runs under a specific identity. In your case the
    identity is "Network Service".

    Please do the following steps:

    1. Make sure the directory (under which log file is being written) has the
    properties inherited by its sub-folders.
    2. Make sure the directory (as defined in Step 1) has proper rights given to
    "NETWORK SERVICE".

    Please let me know if it helps.

    regards,
    Joy

    "Merk" wrote:

    > The answer to this ASP.NET question might be informed by insight from the
    > IIS community - thus posted to both groups.
    >
    > I have an ASP.NET 2.0 app that runs on a private corporate Intranet on a
    > Windows Server 2003 R@ server, running IIS6. The Web site site is set up to
    > use Windows authentication.
    >
    > This application writes short entries to a text file for logging purposes.
    > The log file writing logic checks the size of the log file. When the log
    > file gets too big, it renames the current log file for purposes of archiving
    > it, and then creates a new log file.
    >
    > The problem I am finding is that the new log file cannot be written to by
    > the ASP.NET Web app. File permissions are not adequate. To resolve I have
    > been manually adding the permissions to the file for the ASPNET account and
    > for the NETWORKSERVICE account.
    >
    > I would think that ASP.NET created the file - so it should be able to write
    > to it.
    >
    > Question: What can I do to have the permissions - required by ASP.NET -
    > automatically granted on the text log file that is created by ASP.Net?
    >
    > An interesting and relevant observation is that the user who was using the
    > ASP.NET Web application does in fact have permissions to the file. To be
    > clear, when the application was choking on the file due to insufficient
    > permissions, the file permissions showed the user [who was using the
    > application when the new file was created] to have permissions on the file -
    > with permissions viewed through the file properties dialog, security tab, in
    > Windows Explorer.
    >
    > The reason I am confident that the user to whom permissions were directly
    > and automatically assigned was the user who was using the app when the new
    > log file was created - is because the log entries in the file include the
    > current user ID... and the only entries in the new log file were for the
    > same user ID to which NTFS permissions were automatically assigned.
    >
    >
    >
     
    Joy, Jun 25, 2009
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Scott Allen
    Replies:
    0
    Views:
    462
    Scott Allen
    Jul 13, 2004
  2. =?Utf-8?B?U2Ft?=

    IIS6 and Windows Authentication

    =?Utf-8?B?U2Ft?=, Sep 16, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    2,921
    Patrick.O.Ige
    Sep 19, 2005
  3. Luwk
    Replies:
    1
    Views:
    664
    Banty
    Nov 22, 2006
  4. Curt K
    Replies:
    0
    Views:
    585
    Curt K
    Nov 3, 2006
  5. Peter Bernhardt
    Replies:
    1
    Views:
    162
    Hernan de Lahitte
    Jan 14, 2004
Loading...

Share This Page