Problems accessing files on another server

Discussion in 'ASP General' started by Geoff Lane, May 18, 2007.

  1. Geoff Lane

    Geoff Lane Guest

    Development environment: Windows 2003 Server running IIS6 and the same
    server running as a domain controller, DNS and DHCP servers.

    Production environment: Windows 2000 Server SP4 running IIS5 and not used
    to provide domain control or name services.

    The two environments are on different networks with no trust relationship
    between them. In both environments the web server is set up to disallow
    anonymous access and to use integrated Windows authentication. The
    application is vanilla ASP (i.e. not .NET) VBScript.

    In the development environment, the following code runs flawlessly no
    matter whether "myUNCPath" points to a share on the web server or a share
    on another server in the same domain.

    Set objFilesys = Server.CreateObject("Scripting.FileSystemObject")
    If Not objFileSys.FolderExists(myUNCPath) Then
    Set objFolder = objFileSys.CreateFolder(myUNCPath)
    End If

    However, in the production environment it falls over with a permission
    denied error when "myUNCPath" is on another server and further testing
    shows that the FolderExists method is returning false even when
    "myUNCPath" exists. The network share is configured to give full control
    to the Everyone group.

    I've found http://support.microsoft.com/kb/207671 which although
    referring to IIS4 suggests that the issue could be the authentication
    method (I'm assuming that integrated Windows authentication is close
    enough to NT Challenge/Response and so might generate a token that cannot
    access network resources). I'm not sure of this is the problem because if
    it were then the code shouldn't work in my development environment.

    Any ideas on what's going wrong and how to access the network resources
    in the production environemt?

    TIA,

    --
    Geoff
     
    Geoff Lane, May 18, 2007
    #1
    1. Advertising

  2. Geoff Lane wrote:
    > Development environment: Windows 2003 Server running IIS6 and the same
    > server running as a domain controller, DNS and DHCP servers.
    >


    Everything I know about this issue is summarized here:
    http://www.aspfaq.com/show.asp?id=2168


    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows [MVP], May 18, 2007
    #2
    1. Advertising

  3. Geoff Lane

    Geoff Lane Guest

    "Bob Barrows [MVP]" <> wrote in news:#Dvns
    $:

    > Everything I know about this issue is summarized here:
    > http://www.aspfaq.com/show.asp?id=2168


    Thanks for that - much appreciated.

    Your page led me to KB article 197964, which in a nutshell told me to run
    the web server with anonymous access. This is something that I cannot do
    because other pages in the same application make use of
    Request.ServerVariables("AUTH_USER") and switching to anonymous access
    would break them.

    Additionally, attempting to force anonymous access for only the pages that
    are affected by this issue won't work because (from the notes in KB article
    264921) "When your browser establishes a connection with a Web site by
    using Basic or Windows Integrated authentication, it does not fall back to
    Anonymous during the rest of that session with the server. If you try to
    connect to a Web page that is marked for Anonymous only after
    authenticating, you are denied."

    Because this issue doesn't appear in my development environment, I wonder
    whether one of switching the DCs to Server 2003 and/or switching the web
    server host to Server 2003 and/or upgrading from IIS5 to IIS6 would be a
    long-term solution?

    Thanks again,

    --
    Geoff
     
    Geoff Lane, May 18, 2007
    #3
  4. Geoff Lane wrote:
    > "Bob Barrows [MVP]" <> wrote in news:#Dvns
    > $:
    >
    >> Everything I know about this issue is summarized here:
    >> http://www.aspfaq.com/show.asp?id=2168

    >
    > Thanks for that - much appreciated.
    >
    > Your page led me to KB article 197964, which in a nutshell told me to
    > run the web server with anonymous access. This is something that I
    > cannot do because other pages in the same application make use of
    > Request.ServerVariables("AUTH_USER") and switching to anonymous access
    > would break them.
    >
    > Additionally, attempting to force anonymous access for only the pages
    > that are affected by this issue won't work because (from the notes in
    > KB article 264921) "When your browser establishes a connection with a
    > Web site by using Basic or Windows Integrated authentication, it does
    > not fall back to Anonymous during the rest of that session with the
    > server. If you try to connect to a Web page that is marked for
    > Anonymous only after authenticating, you are denied."
    >
    > Because this issue doesn't appear in my development environment, I
    > wonder whether one of switching the DCs to Server 2003 and/or
    > switching the web server host to Server 2003 and/or upgrading from
    > IIS5 to IIS6 would be a long-term solution?
    >

    You might consider either of these solutions:
    - creating a web service on the remote server.
    - using ServerXMLHTTP to get results from a page on the remote server
    (http://www.aspfaq.com/show.asp?id=2173)
    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows [MVP], May 18, 2007
    #4
  5. Geoff Lane

    Geoff Lane Guest

    "Bob Barrows [MVP]" <> wrote in
    news::

    > You might consider either of these solutions:
    > - creating a web service on the remote server.
    > - using ServerXMLHTTP to get results from a page on the remote server


    Much appreciated.

    The application is intended to manage files on the remote server (actually,
    multiple servers). It records which server and share stores the files for
    each of a number of items and the routine that's failing is part of the
    item setup. Searching the 'net suggests that server.transfer will fail for
    the same reasons that cause this issue, so I'd have to pass the required
    information to the remote server via the request object. Messy, but it
    should work.

    That said, the work-around I'm currently in the process of implementing is
    to schedule the directory creation and have a scheduled task run some VBS
    outside of IIS to actually do the deed.

    In the meantime, I've discovered that my development network is using
    Kerebos authentication and suspect the production environment uses NT
    Challenge/Response. I'm waiting for the production network guru to call me
    back with the relevant information. If it turns out that this would sort
    out the situation, I can use the scheduled task for the time being and re-
    implement to handle the directory creation in real-time once the production
    network has completed migrating to Server 2003 etc.

    Thanks again,

    --
    Geoff
     
    Geoff Lane, May 18, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John
    Replies:
    2
    Views:
    567
  2. =?Utf-8?B?QmlkYXJrb3Rh?=
    Replies:
    0
    Views:
    526
    =?Utf-8?B?QmlkYXJrb3Rh?=
    Jun 1, 2005
  3. Replies:
    0
    Views:
    603
  4. Rosanna

    accessing files on another computer

    Rosanna, Apr 15, 2004, in forum: ASP General
    Replies:
    7
    Views:
    175
    Rosanna
    Apr 16, 2004
  5. D. Buck
    Replies:
    2
    Views:
    540
    D. Buck
    Jun 29, 2004
Loading...

Share This Page