Solved

Access to Shared/Mapped Folder with FSO in ASP.net

Posted on 2004-08-31
8
274 Views
Last Modified: 2013-11-25
This issue is starting p*ss me off a bit.

I created a page in regular ASP/IIS 5.0 on my PDC to go find files on my file server and write the links back to the page as HTTP links using a Virtual Directory Path.
So users can click and download the files.

All works fine. I do remember adding a IUSR_IISSERVERNAME account to the File Server to allow me access to the shared files.
Or atleast thats what i thought it was for.

Now I am in the process of doing the exact same thing on a Different IIS server in ASP.net to speed up performance.

I get the error: Logon failure: unknown user name or bad password.
Regardless of how i reference the path. \\Server\Share or H:\Share (Mapped Drive) i get this error. I even tried \\server\H$\Share
I tried adding the new IUSR_IISSERVERNAME to the File Server and gave the account read permissions but with no success.

i call the file lookup with the System.IO.Directory.GetFiles(path,name) command
I am sure this a permissions issue relating to the IUSR_SERVERNAME account not having the rights to access the network share.

Any help would be greatly appreciated with this.

To make things more clear here is a link with basically my exact same problem
http://www.dotnet247.com/247reference/msgs/2/10167.aspx












 
0
Comment
Question by:DTRON04
  • 3
  • 3
  • 2
8 Comments
 
LVL 17

Assisted Solution

by:AerosSaga
AerosSaga earned 100 total points
Comment Utility
did you try both of these workarounds?

This was well documented for ASP,
and should behave the same way for ASP.NET,
since it's a permissions problem.

Basically, when you access a dir/file on a network share,
it's your MACHINE which is accessing and the user
account doing the accessing is IUSR_computername.

Resolution is creating a user account on the computer on which
the network share resides and assigning the proper access
permissions to that account. This account MUST be named
with the EXACT name AND password which the anonymous
account has in the box hosting the web server ( and ASP.NET ).

Some database operations run under the SYSTEM account.
Those operations will fail with database files on the network share.

But directory listings and other operations on text/xml/html files,
like parse/copy/modify/delete, will work.

regards,

Juan T. Llibre
Microsoft MVP [IIS/ASP]
ASP.Net En Español : http://207.176.17.140

or:

If you are usoing winNT you will notice the difference when you assign a directory tu a website in IIS

Local drives are assigned differently than the network drive (2 different choices) That means the IIS treat them differently. Can you get a clue from this.

I think if the directory is a sub directory of the web dir assigned in IIS it will work. Others have to be accessed via a virtual dir.

Create a virtual dir in IIS for the net work drive you want to acces and then access the virtual dir from ASP.net.

This should work.

I am sure there is a similar procedure in Appache also!
0
 

Author Comment

by:DTRON04
Comment Utility
hey aero

well i tried the IUSR_IISSERVER2 added to the local Filer Server account but it does not treat it the same way it treats my PDC IUSR_ACCOUNT.
Basically active directory does not list the IUSR account for the second web server. So i think that is why it is not working.

With the virtual directory solution what would be the specific path i should use?
That is what is confusing me.

I know how to buld the http link to use the virtual directory but is this how i should reference when doing the FSO lookup.
Thanks


0
 
LVL 17

Expert Comment

by:AerosSaga
Comment Utility
I think what its saying is that once you tell create a virtual directory in IIS you can reference it from the virtual root of the IIS dir like /MyMapedServerVirtualDirectory/files.aspx
0
 
LVL 10

Expert Comment

by:jnhorst
Comment Utility
DTR:

You probably need to add the following to your web.config:

<identity impersonate="true" />

This is not in web.config by default, and this causes ASP.NET to attempt to access server resources under the local ASPNET account.  With allow anonymous enabled, when you add the identity tag above, it will tell ASP.NET to use the IUSR_<machine> account instead.  This should solve the problem.

John
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:DTRON04
Comment Utility
Okay i added that line to web.config
Now instead of the error it prompts me for user name and pass when it tries to access the share.
or when typing in the exact path to a file in the virtual directory as the address.

Here is what i have done so far.

Setup Virtual Directory with anymouse access and connected with the administrators account
Added the IUSR_IISSERVER user to the FS01 to match what the actual IIS default account.
Added the <identity impersonate="true" /> to the web.config

Now i did find this article that addresses my issue with a COM+ solution.
http://www.15seconds.com/issue/030926.htm

Have either of you guys done what i am trying to do?
If so did it work for you?







0
 
LVL 10

Accepted Solution

by:
jnhorst earned 400 total points
Comment Utility
OK, I think I see.  I originally thought you were trying to get to files on your PDC box (the one with IIS, right?).  Since you are trying to navigate to another server by way of a UNC path (I assume), what you want to do is create a *domain* account (not a local account on the file server) and give that domain account the necessary privileges for the file share.  Then change the IIS setting to use that domain account to authenticate anonymous requests.  Leave the <identity /> tag in web.config.

I did something like this before where I built a menu system based on the folder tree of a share on the file server and then had links to the files that were in the folders.  I had to have a domain account for anonymous access so I could grant persmission to the file server share.

John

0
 

Author Comment

by:DTRON04
Comment Utility
Well i am fresh this morning
Thanks jnhorst your explanation worked perfectly.
im not sure why i couldn't contemplate that yesterday but all looks perfect now.
I appreciate both your answers as they were correct.
Aeros you will be getting the full 500 from the other question you helped me with yesterday.

Thanks!!


0
 
LVL 17

Expert Comment

by:AerosSaga
Comment Utility
Your very welcome, glad I could be of some assistance.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
Whether you've completed a degree in computer sciences or you're a self-taught programmer, writing your first lines of code in the real world is always a challenge. Here are some of the most common pitfalls for new programmers.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now