.net user permissions in IIS

F

Fox1977

Hi folks,

Just wondering if anyone can help me out with this problem I'm having
getting a particular .net web application to run on a windows 2003 r2
x64 platform running as a domain account.

Our current setup is as follows:

We have a windows 2003 domain with 4 web servers in. Two of them are
windows 2003 sp1 and I am trying to bring two new ones online. These
are new windows 2003 x64 R2 boxes. The web sites we run as domain
accounts as they need to access resources and shared folders on other
servers within the domain.

We have a built our own imageresizer application that runs in .net
1.1. (I think). Apologies if some of my programming terminology is a
bit rubbish as I'm a sys admin by nature.

On the older servers with have the following versions of the .net
framework installed (these are the folders from windows/microsoft.net
folder)1.0.33, 1.0.37. 1.1.43. The new servers have the following
versions on them 1.0.37, 1.1.43 and 2.0.50. On the new servers there
is also a folder called framework64.

When I try to run the application in the browser in a site running as
a domain account I get the following .net error:

Server Error in '/IMAGERESIZER' Application.
________________________________________
Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access is
denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request
identity. ASP.NET has a base process identity (typically {MACHINE}
\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
application is not impersonating. If the application is impersonating
via <identity impersonate="true"/>, the identity will be the anonymous
user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add
the appropriate user or group. Highlight the ASP.NET account, and
check the boxes for the desired access.

Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace
below.

Stack Trace:

[UnauthorizedAccessException: Access is denied. (Exception from
HRESULT: 0x80070005 (E_ACCESSDENIED))]

[FileLoadException: Could not load file or assembly
'System.Web.RegularExpressions, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is
denied.]
System.Web.Configuration.RegexWorker..cctor() +0

[TypeInitializationException: The type initializer for
'System.Web.Configuration.RegexWorker' threw an exception.]
System.Web.Configuration.RegexWorker.Lookup(String from) +0
System.Web.Configuration.RegexWorker.get_Item(String key) +4
ASP.BrowserCapabilitiesFactory.MozillaProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +449
ASP.BrowserCapabilitiesFactory.DefaultProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +2568

ASP.BrowserCapabilitiesFactory.ConfigureBrowserCapabilities(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +21

System.Web.Configuration.BrowserCapabilitiesFactoryBase.GetHttpBrowserCapabilities(HttpRequest
request) +159

System.Web.Configuration.HttpCapabilitiesEvaluator.EvaluateFinal(HttpRequest
request, Boolean onlyEvaluateUserAgent) +23

System.Web.Configuration.HttpCapabilitiesEvaluator.Evaluate(HttpRequest
request) +182

System.Web.Configuration.HttpCapabilitiesBase.GetBrowserCapabilities(HttpRequest
request) +162
System.Web.HttpRequest.get_Browser() +134

System.Web.ErrorFormatter.RequiresAdaptiveErrorReporting(HttpContext
context) +104

I can get the application to run successfully when I add the domain
user to the local administrators group but this really isn't an option
as we cannot have sites running as local admin users. I can also get
the application to run ok when it is running on a site running as the
anonymous IIS user.

I am presuming that the error message is down to not being able to
access this file System.Web.RegularExpressions. How do i go about
setting the permissions for our domain user to access the .net files
without granting them administrator privileges.

Much appreciated


John
 
G

Guest

Fox1977,
The exception message has all the information you need to correct this
problem.
You can right -click on the folder containing the resources where access is
denied, choose the Security Tab, and either grant permission to the required
account, or add the needed account and grant it permission. If it needs to be
a domain account, you can add it there.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




Fox1977 said:
Hi folks,

Just wondering if anyone can help me out with this problem I'm having
getting a particular .net web application to run on a windows 2003 r2
x64 platform running as a domain account.

Our current setup is as follows:

We have a windows 2003 domain with 4 web servers in. Two of them are
windows 2003 sp1 and I am trying to bring two new ones online. These
are new windows 2003 x64 R2 boxes. The web sites we run as domain
accounts as they need to access resources and shared folders on other
servers within the domain.

We have a built our own imageresizer application that runs in .net
1.1. (I think). Apologies if some of my programming terminology is a
bit rubbish as I'm a sys admin by nature.

On the older servers with have the following versions of the .net
framework installed (these are the folders from windows/microsoft.net
folder)1.0.33, 1.0.37. 1.1.43. The new servers have the following
versions on them 1.0.37, 1.1.43 and 2.0.50. On the new servers there
is also a folder called framework64.

When I try to run the application in the browser in a site running as
a domain account I get the following .net error:

Server Error in '/IMAGERESIZER' Application.
________________________________________
Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access is
denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request
identity. ASP.NET has a base process identity (typically {MACHINE}
\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
application is not impersonating. If the application is impersonating
via <identity impersonate="true"/>, the identity will be the anonymous
user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add
the appropriate user or group. Highlight the ASP.NET account, and
check the boxes for the desired access.

Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace
below.

Stack Trace:

[UnauthorizedAccessException: Access is denied. (Exception from
HRESULT: 0x80070005 (E_ACCESSDENIED))]

[FileLoadException: Could not load file or assembly
'System.Web.RegularExpressions, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is
denied.]
System.Web.Configuration.RegexWorker..cctor() +0

[TypeInitializationException: The type initializer for
'System.Web.Configuration.RegexWorker' threw an exception.]
System.Web.Configuration.RegexWorker.Lookup(String from) +0
System.Web.Configuration.RegexWorker.get_Item(String key) +4
ASP.BrowserCapabilitiesFactory.MozillaProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +449
ASP.BrowserCapabilitiesFactory.DefaultProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +2568

ASP.BrowserCapabilitiesFactory.ConfigureBrowserCapabilities(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +21

System.Web.Configuration.BrowserCapabilitiesFactoryBase.GetHttpBrowserCapabilities(HttpRequest
request) +159

System.Web.Configuration.HttpCapabilitiesEvaluator.EvaluateFinal(HttpRequest
request, Boolean onlyEvaluateUserAgent) +23

System.Web.Configuration.HttpCapabilitiesEvaluator.Evaluate(HttpRequest
request) +182

System.Web.Configuration.HttpCapabilitiesBase.GetBrowserCapabilities(HttpRequest
request) +162
System.Web.HttpRequest.get_Browser() +134

System.Web.ErrorFormatter.RequiresAdaptiveErrorReporting(HttpContext
context) +104

I can get the application to run successfully when I add the domain
user to the local administrators group but this really isn't an option
as we cannot have sites running as local admin users. I can also get
the application to run ok when it is running on a site running as the
anonymous IIS user.

I am presuming that the error message is down to not being able to
access this file System.Web.RegularExpressions. How do i go about
setting the permissions for our domain user to access the .net files
without granting them administrator privileges.

Much appreciated


John
 
F

Fox1977

I've just granted a domain group I created access to the windows
folder and it seems to have sorted the problem.

Thanks

Fox1977,
The exception message has all the information you need to correct this
problem.
You can right -click on the folder containing the resources where access is
denied, choose the Security Tab, and either grant permission to the required
account, or add the needed account and grant it permission. If it needs to be
a domain account, you can add it there.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net

Fox1977 said:
Hi folks,
Just wondering if anyone can help me out with this problem I'm having
getting a particular .net web application to run on a windows 2003 r2
x64 platform running as a domain account.
Our current setup is as follows:
We have a windows 2003 domain with 4 web servers in. Two of them are
windows 2003 sp1 and I am trying to bring two new ones online. These
are new windows 2003 x64 R2 boxes. The web sites we run as domain
accounts as they need to access resources and shared folders on other
servers within the domain.
We have a built our own imageresizer application that runs in .net
1.1. (I think). Apologies if some of my programming terminology is a
bit rubbish as I'm a sys admin by nature.
On the older servers with have the following versions of the .net
framework installed (these are the folders from windows/microsoft.net
folder)1.0.33, 1.0.37. 1.1.43. The new servers have the following
versions on them 1.0.37, 1.1.43 and 2.0.50. On the new servers there
is also a folder called framework64.
When I try to run the application in the browser in a site running as
a domain account I get the following .net error:
Server Error in '/IMAGERESIZER' Application.
________________________________________
Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access is
denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request
identity. ASP.NET has a base process identity (typically {MACHINE}
\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
application is not impersonating. If the application is impersonating
via <identity impersonate="true"/>, the identity will be the anonymous
user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add
the appropriate user or group. Highlight the ASP.NET account, and
check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace
below.
Stack Trace:
[UnauthorizedAccessException: Access is denied. (Exception from
HRESULT: 0x80070005 (E_ACCESSDENIED))]
[FileLoadException: Could not load file or assembly
'System.Web.RegularExpressions, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is
denied.]
System.Web.Configuration.RegexWorker..cctor() +0
[TypeInitializationException: The type initializer for
'System.Web.Configuration.RegexWorker' threw an exception.]
System.Web.Configuration.RegexWorker.Lookup(String from) +0
System.Web.Configuration.RegexWorker.get_Item(String key) +4
ASP.BrowserCapabilitiesFactory.MozillaProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +449
ASP.BrowserCapabilitiesFactory.DefaultProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +2568
ASP.BrowserCapabilitiesFactory.ConfigureBrowserCapabilities(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +21
System.Web.Configuration.BrowserCapabilitiesFactoryBase.GetHttpBrowserCapabilities(HttpRequest
request) +159
System.Web.Configuration.HttpCapabilitiesEvaluator.EvaluateFinal(HttpRequest
request, Boolean onlyEvaluateUserAgent) +23
System.Web.Configuration.HttpCapabilitiesEvaluator.Evaluate(HttpRequest
request) +182
System.Web.Configuration.HttpCapabilitiesBase.GetBrowserCapabilities(HttpRequest
request) +162
System.Web.HttpRequest.get_Browser() +134
System.Web.ErrorFormatter.RequiresAdaptiveErrorReporting(HttpContext
context) +104
I can get the application to run successfully when I add the domain
user to the local administrators group but this really isn't an option
as we cannot have sites running as local admin users. I can also get
the application to run ok when it is running on a site running as the
anonymous IIS user.
I am presuming that the error message is down to not being able to
access this file System.Web.RegularExpressions. How do i go about
setting the permissions for our domain user to access the .net files
without granting them administrator privileges.
Much appreciated
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top