Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

IIS permissions issues for IUSR guest account

Posted on 2008-10-15
5
Medium Priority
?
3,559 Views
Last Modified: 2008-10-23
I have a website that I moved from the current web host to our in house server.  It utilizes asp pages and Access databases.  When testing, it will not allow the IUSR_Servername internet guest account to access the index.asp page unless I give it WRITE permissions on the wwwroot folder.  Since I wouldn't think that the WRITE permission is generally recommended to give to anonymous users, how do I resolve this issue?  What are the recommended security settings in general for asp pages?
0
Comment
Question by:bleujaegel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 1

Accepted Solution

by:
Abh4IT earned 750 total points
ID: 22729378
Hi,

Yes you should not provide write access to anonymous users. What you should do is in your asp page you should authenticate/imporsonate as another user who has enough permissions. When working on ASP.NEt this is better since you can provide required rights to ASPNET user.

Hope this helps
0
 
LVL 2

Author Comment

by:bleujaegel
ID: 22731562
So I should give read to IUSR and write to the ASPNET user and it should work?
0
 
LVL 15

Assisted Solution

by:pcsmitpra
pcsmitpra earned 750 total points
ID: 22731656
Read only for IUSR, If you are running IIS 6 then add NETwork Service and give it Execute access. Add ASPNET in case of IIS5.
0
 
LVL 2

Author Comment

by:bleujaegel
ID: 22779698
I tried the network service with execute (even tried FULL), but page would not display.  I stripped down the permissions to start over, and now I have:

administrators: FULL
IIS_WPG: Read & Execute, List folder contents, and read
Internet Guest Account IUSR_Servername: Read & Execute, List folder contents, read, and write
SYSTEM: FULL
Users: Read & Execute, List folder contents, and read

Still as soon as I take the WRITE permission away from the Internet Guest Account IUSR_Servername, then the .asp page won't display and gives an error.

I like the idea of impersonating a user, so I'll try that next, but don't know the syntax of how to set that up.  I'll give it a google.
0
 
LVL 3

Expert Comment

by:jandelbasanal
ID: 23343925
Kindly check the IIS settings first if you allow or specify execute permissions.You can check also configuration if asp extension has been added.I guess this a security related settings you encountered.

Can you create just a simple asp scripts on other folder?this is just to verify your IIS running fine with asp.Pls do check also folder security permissions on local drive or home folder.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Logparser is the smartest tool I have ever used in parsing IIS log files and there are many interesting things I wanted to share with everyone one of the  real-world  scenario from my current project. Let's get started with  scenario - How do w…
First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question