Solved

ASP.Net File Upload in Windows 2003 Server

Posted on 2004-08-17
4
3,094 Views
Last Modified: 2010-05-18
Dear Experts,

Currently I find myself banging my head against a wall.

We wrote a website in ASP.Net. As part of our administration backend, we have an image/document gallery popup-page that is used to upload documents and images to our Windows 2003 Web Edition server. Unfortunatly, it seems that the C# code used to write the file on the server fails autentication , and I get the following exception:

Access to the path "Inetpub/Website/Images/MyImage.jpg" is denied.mscorlib   at System.IO.__Error.WinIOError(Int32 errorCode, String str)
   at System.IO.File.Delete(String path) )

On our windows xp workstations, we were able to get the code working by simply granting the account aspnet write-access. However, this method fails to rememdy the problem on the Windows 2003 server. Which account should one grant access in order to get the upload working?

I think a checklist of steps needed in order to grant asp.net access to certail folders would help a great deal.

Thanks!
0
Comment
Question by:FVDW
  • 2
4 Comments
 
LVL 23

Assisted Solution

by:rama_krishna580
rama_krishna580 earned 250 total points
ID: 11827118
Hi,

Because the Framework built in security does not allow this unless the user that the code is running under (which by default for a Web Service is ASPNET I believe) has rights to the drive.  You need to do one of three things:

1)  Change the rights that the user ASPNET has.  Very bad idea.  Major security issues.

2)  Change the user that the Web Service is running under to one that has the correct rights.  Better than 1) but still a big security risk.

3)  Read up on impersonation and change the code to impersonate a user that has rights to the drive - for only the amount of time that you are actively accessing the files.  Best option from a security standpoint, but most work to get working.  I have had mixed luck with impersonation - but I know that the issues that I have are understanding issues, not implementation issues.

One important thing is ...(if you are using this option) : You can't access mapped drives from a service because mapped drives are user-specific and become available when a physical login takes place. Services don't have an associated user session. Use a UNC path instead.

i think it may help you...
best of luck..

R.K
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 250 total points
ID: 11827479
In 2003/IIS 6.0 the ASPNet account is only used if you are running in IIS 5.0 Compatability Mode - otherwise it runs as whatever account the Application Pool is configured as (Network Service by default).

If you add the IIS_WPG group with Write permissions it may resolve the issue (it contains the accounts that are allowed to run Application pools).

Dave Dietz
0
 

Author Comment

by:FVDW
ID: 11828583
Thanks you guys,

In the end we were able to get the upload working by impersonation. Thank you for pointing out that IIS 6 runs in a network service account, and not the aspnet account we use for development.

I think it might be worthwhile to invest in a good book on IIS6 Administration. Do you have any recommendations for such a book?

Many thanks,

FVDW
0
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 11831101
ISBN 0-7356-1560-8
Microsoft IIS 6.0 Administrator's Pocket Consultant
Microsoft Press

I like it....  :-)

Dave Dietz
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Are date-time stamps in Microsoft IIS log files in GMT +0? 3 56
htaccess restrict subdomain 4 84
AWS Advice on using WHM/cPanel 1 68
Public IP Address Amazon Servers 2 41
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now