File folder access exception

[David C]

I am getting the following error trying to create a folder on the file
system using an intranet internal application.

Exception: System.UnauthorizedAccessException

Message: Access to the path '\\lifedevsql\shared\FileDocs\File093969' is
denied.

When I Googled the exception I found a reference to impersonating a user in
the web.config file. Is there any other way to allow create/modify/delete
of file folders on a separate domain server? I have the folders referenced
as a virtual directory on the web site and have read and write permissions
in IIS. I also have full control permissions for an AD group which will be
using this application? Thanks.

David

 

[bruce barker]

the default aspnet use account is a local account without network
permissions. you can set the identity of the app pool to a domain
account, or set the account in the web.config via impersonation.

-- bruce (sqlwork.com)

 

[David C]

If I use impersonate="true" in the identity section of web.config will that
use the current domain users rights? If so, that would be exactly what I
need. What I was concerned with is I did not want to enter a username and
password in the web.config file. Thanks.

David

 

[Norman Yuan]

You must know which user account is used to run your ASP.ENT application,
which runs on a web server. by default, it is the web server's local ASPNET
or Network Service account, which naturally does not have permission to the
resources on the other computer, and enve have very limited access to the
resources on local computer.

As ASP.NET developer, you need to be very clear what resources your
application needs and configure the running user account accordingly. See
more coment inline. MOst likely, if the ASP.NET app has to access resources
on the other computers, you need to impersonate the ASP.NET app to use a
domain user account.

I am getting the following error trying to create a folder on the file
system using an intranet internal application.

Exception: System.UnauthorizedAccessException

Message: Access to the path '\\lifedevsql\shared\FileDocs\File093969' is
denied.

When I Googled the exception I found a reference to impersonating a user
in the web.config file. Is there any other way to allow
create/modify/delete of file folders on a separate domain server? I have
the folders referenced as a virtual directory on the web site and have
read and write permissions

Which user account (domain or local) has the read/write permission? The
permission is given to certain user account.

in IIS. I also have full control permissions for an AD group which will
be

You having full permission does not mean so does other user account.

using this application? Thanks.

a user using your web application does not necessarily mean the web
application is run under his/her credential. It is depends on how the
ASP.NET application configured.

 

[David C]

The "Directory Security" tab on the web site is set to Integrated Windows
Authentication. My web site is reading that users domain info in the
ASP.NET application and it returns DOMAIN\username when I get the
Page.User.Identity.Name

David