Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.
COURSE of the MONTH
12 days, 21 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
ASP.Net File Upload in Windows 2003 Server
Posted on 2004-08-17
Dear Experts,
Currently I find myself banging my head against a wall.
We wrote a website in ASP.Net. As part of our administration backend, we have an image/document gallery popup-page that is used to upload documents and images to our Windows 2003 Web Edition server. Unfortunatly, it seems that the C# code used to write the file on the server fails autentication , and I get the following exception:
Access to the path "Inetpub/Website/Images/My
at System.IO.File.Delete(Stri
On our windows xp workstations, we were able to get the code working by simply granting the account aspnet write-access. However, this method fails to rememdy the problem on the Windows 2003 server. Which account should one grant access in order to get the upload working?
I think a checklist of steps needed in order to grant asp.net access to certail folders would help a great deal.
Thanks!
Currently I find myself banging my head against a wall.
We wrote a website in ASP.Net. As part of our administration backend, we have an image/document gallery popup-page that is used to upload documents and images to our Windows 2003 Web Edition server. Unfortunatly, it seems that the C# code used to write the file on the server fails autentication , and I get the following exception:
Access to the path "Inetpub/Website/Images/My
at System.IO.File.Delete(Stri
On our windows xp workstations, we were able to get the code working by simply granting the account aspnet write-access. However, this method fails to rememdy the problem on the Windows 2003 server. Which account should one grant access in order to get the upload working?
I think a checklist of steps needed in order to grant asp.net access to certail folders would help a great deal.
Thanks!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
4 Comments
Hi,
Because the Framework built in security does not allow this unless the user that the code is running under (which by default for a Web Service is ASPNET I believe) has rights to the drive. You need to do one of three things:
1) Change the rights that the user ASPNET has. Very bad idea. Major security issues.
2) Change the user that the Web Service is running under to one that has the correct rights. Better than 1) but still a big security risk.
3) Read up on impersonation and change the code to impersonate a user that has rights to the drive - for only the amount of time that you are actively accessing the files. Best option from a security standpoint, but most work to get working. I have had mixed luck with impersonation - but I know that the issues that I have are understanding issues, not implementation issues.
One important thing is ...(if you are using this option) : You can't access mapped drives from a service because mapped drives are user-specific and become available when a physical login takes place. Services don't have an associated user session. Use a UNC path instead.
i think it may help you...
best of luck..
R.K
Because the Framework built in security does not allow this unless the user that the code is running under (which by default for a Web Service is ASPNET I believe) has rights to the drive. You need to do one of three things:
1) Change the rights that the user ASPNET has. Very bad idea. Major security issues.
2) Change the user that the Web Service is running under to one that has the correct rights. Better than 1) but still a big security risk.
3) Read up on impersonation and change the code to impersonate a user that has rights to the drive - for only the amount of time that you are actively accessing the files. Best option from a security standpoint, but most work to get working. I have had mixed luck with impersonation - but I know that the issues that I have are understanding issues, not implementation issues.
One important thing is ...(if you are using this option) : You can't access mapped drives from a service because mapped drives are user-specific and become available when a physical login takes place. Services don't have an associated user session. Use a UNC path instead.
i think it may help you...
best of luck..
R.K
In 2003/IIS 6.0 the ASPNet account is only used if you are running in IIS 5.0 Compatability Mode - otherwise it runs as whatever account the Application Pool is configured as (Network Service by default).
If you add the IIS_WPG group with Write permissions it may resolve the issue (it contains the accounts that are allowed to run Application pools).
Dave Dietz
If you add the IIS_WPG group with Write permissions it may resolve the issue (it contains the accounts that are allowed to run Application pools).
Dave Dietz
Thanks you guys,
In the end we were able to get the upload working by impersonation. Thank you for pointing out that IIS 6 runs in a network service account, and not the aspnet account we use for development.
I think it might be worthwhile to invest in a good book on IIS6 Administration. Do you have any recommendations for such a book?
Many thanks,
FVDW
In the end we were able to get the upload working by impersonation. Thank you for pointing out that IIS 6 runs in a network service account, and not the aspnet account we use for development.
I think it might be worthwhile to invest in a good book on IIS6 Administration. Do you have any recommendations for such a book?
Many thanks,
FVDW
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
In our day to day coding, how many times have we come across a necessity to check whether a URL is a broken link or not?
For those of you that answered countless and are using ColdFusion like myself, then this article is for you. It will show yo…
What You Need to Know when Searching for a Webhost Provider
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB.
How Percona can help
Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses
Course of the Month12 days, 21 hours left to enroll
777 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.