Solved

Logon failure

Posted on 2004-08-05
4
330 Views
Last Modified: 2010-04-23
I've created a web service that is trying to open a file. The problem I am having is that even though I have perrmission to the files and the server where the files reside I keep on getting an error saying that:

Logon failure: unknown user name or bad password

How can I put in my credentials so that the local server has access?
0
Comment
Question by:thenrich
  • 2
4 Comments
 
LVL 28

Expert Comment

by:iboutchkine
ID: 11728591
Does ASPNET user has the rights to the file?
0
 
LVL 5

Author Comment

by:thenrich
ID: 11729002
how can I tell?
0
 
LVL 28

Accepted Solution

by:
iboutchkine earned 500 total points
ID: 11729207
Default permissions for the ASPNET account
The ASPNET account is created as a local account when you install ASP.NET. The ASPNET account belongs
only to the Users group on that computer. Therefore, the ASPNET account has all of the rights that are
associated with the Users group and can access any resources that the Users group is granted access to.
The ASPNET account inherits the following user rights from the Users group:

SeChangeNotifyPrivilege
SeUndockPrivilege
SeInteractiveLogonRight
SeNetworkLogonRight

In addition to these rights, the ASPNET account is also granted the following rights by default:

SeServiceLogonRight
SeBatchLogonRight
SeDenyInteractiveLogonRight

ASP.NET grants specific, full-access permissions for the ASPNET account to the following folders:
Temporary ASP.NET Files
%windir%\temp

Additionally, ASP.NET grants Read permission to the Microsoft .NET Framework installation directory.

The following list outlines the Access Control Lists (ACLs) that are required for the ASPNET account.
The default installations of Windows 2000 and the Microsoft .NET Framework include these ACLs.
Location: %installroot%\ASP.NET Temporary Files
Access Type: Read/Write on the folder and List Folder Contents on the drive's root folder
Account: Process account and configured impersonation accounts
Description: This is the location for ASP.NET dynamic compilation. Beneath this location, application code is
generated in a discrete directory for each application. You can use the tempDir attribute in
the <compilation> section to configure the root location.

Note If you change the machine.config to save the ASP.NET temporary files in a different location,
the ASPNET account must have the List Folder Contents access type on the root level of the drive.

Location: %windir%\temp
Access Type: Read/Write
Account: Process account
Description: This is the location that Extensible Markup Language (XML) Web services uses to generate
serialization proxies.
Location: Application directory
Access Type: Read
Account: Process account and configured impersonation accounts
Description: This is the location for application content (only Read access required).
For more information, visit the following Microsoft Web site:
http://msdn.microsoft.com/webservices/building/security/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT01.asp

Location: Web site root (%systemdrive%\inetpub\wwwroot or the path that the default Web site points to)
Access Type: Read
Account: Process account and configured impersonation accounts
Description: ASP.NET tries to read configuration files and monitor changes at drive:\inetpub\wwwroot\web.config.
Location: %installroot% hierarchy
Access Type: Read
Account: Process account and configured impersonation accounts
Description: ASP.NET must be able to access .NET Framework assemblies on the Machine.config file
(in the \Config subdirectory under %installroot%).
Location: %windir%\assembly
Access Type: Read
Account: Process account or configured impersonation accounts
Description: This is the global assembly cache that contains shared assemblies.
=============================================

You have a few ways in order to make your web app able to to file IO operation.

1. Grant the ASP.NET (or network service account for win2003) user the write NTFS permission to the folder,
    it will applies to all web app created in your local machine - not good.
2. Enable impersonation to make the worker process running under logged user (better)
3. Modify the security settings in web config to override default settings in machine.config (better)
4. User caspol.exe or mscorcfg.msc utility (better but not simple, sorry should have mentioned this before)

================================

Using file resources

To enable an application that is running with the ASPNET account to write to files, an administrator can
grant Write permissions for the ASPNET account. The administrator can grant Write permissions for
an individual file or for directory hierarchies.

To change the Access Control List for a file, follow these steps:
-Open Windows Explorer.
-Select the file or the folder for which you want to change permissions.
-On the File menu, click Properties.
-Click the Security tab. Click to select the check boxes for the ACL permissions.
You can also use script or the Cacls.exe command-line tool (which is included with Windows) to change
the ACL for a file.

ASP.NET 1.1 uses the <DriveName>\Documents and Settings\<MachineName>\ASPNET folder to store
the process files (where <DriveName> is the drive on your computer where ASP.NET is installed
and <MachineName> is the name of your computer).

also

Right click on the directory where your file is - choose properties - Then the sharing tab - then
click on permissions. Add the ASPNet user ( or the user that aspnet is running under ) to the shared
section Then, make sure it has 'Change' rights - Click Apply and you should be working fine then.
0
 
LVL 4

Expert Comment

by:computerg33k
ID: 11739148
Are you sure your supposed to log on as a username and password--or as windows nt integrated?  to tell go into your connection and it's which one is clicked
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Article by: Kraeven
Introduction Remote Share is a simple remote sharing tool, enabling you to see, add and remove remote or local shares. The application is written in VB.NET targeting the .NET framework 2.0. The source code and the compiled programs have been in…
1.0 - Introduction Converting Visual Basic 6.0 (VB6) to Visual Basic 2008+ (VB.NET). If ever there was a subject full of murkiness and bad decisions, it is this one!   The first problem seems to be that people considering this task of converting…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now