Solved

IIS permissions issues for IUSR guest account

Posted on 2008-10-15
5
3,540 Views
Last Modified: 2008-10-23
I have a website that I moved from the current web host to our in house server.  It utilizes asp pages and Access databases.  When testing, it will not allow the IUSR_Servername internet guest account to access the index.asp page unless I give it WRITE permissions on the wwwroot folder.  Since I wouldn't think that the WRITE permission is generally recommended to give to anonymous users, how do I resolve this issue?  What are the recommended security settings in general for asp pages?
0
Comment
Question by:bleujaegel
5 Comments
 
LVL 1

Accepted Solution

by:
Abh4IT earned 250 total points
ID: 22729378
Hi,

Yes you should not provide write access to anonymous users. What you should do is in your asp page you should authenticate/imporsonate as another user who has enough permissions. When working on ASP.NEt this is better since you can provide required rights to ASPNET user.

Hope this helps
0
 
LVL 2

Author Comment

by:bleujaegel
ID: 22731562
So I should give read to IUSR and write to the ASPNET user and it should work?
0
 
LVL 15

Assisted Solution

by:pcsmitpra
pcsmitpra earned 250 total points
ID: 22731656
Read only for IUSR, If you are running IIS 6 then add NETwork Service and give it Execute access. Add ASPNET in case of IIS5.
0
 
LVL 2

Author Comment

by:bleujaegel
ID: 22779698
I tried the network service with execute (even tried FULL), but page would not display.  I stripped down the permissions to start over, and now I have:

administrators: FULL
IIS_WPG: Read & Execute, List folder contents, and read
Internet Guest Account IUSR_Servername: Read & Execute, List folder contents, read, and write
SYSTEM: FULL
Users: Read & Execute, List folder contents, and read

Still as soon as I take the WRITE permission away from the Internet Guest Account IUSR_Servername, then the .asp page won't display and gives an error.

I like the idea of impersonating a user, so I'll try that next, but don't know the syntax of how to set that up.  I'll give it a google.
0
 
LVL 3

Expert Comment

by:jandelbasanal
ID: 23343925
Kindly check the IIS settings first if you allow or specify execute permissions.You can check also configuration if asp extension has been added.I guess this a security related settings you encountered.

Can you create just a simple asp scripts on other folder?this is just to verify your IIS running fine with asp.Pls do check also folder security permissions on local drive or home folder.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange Activesync 441 in logs 2 126
Allow X-Forwarded-For Headers to Site or No? 3 88
Disable SSLv3.0/TLSv1.0 - Windows 2012R2 3 65
How to redirect sub-domains on IIS 4 41
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question