Solved

Create folder in Virtual Directory

Posted on 2009-04-06
18
1,066 Views
Last Modified: 2012-05-06
OK, I have my web server and a seperate network storage server both on the same domain. I have setup a virtual directory in IIS pointing to a folder on the storage server with user credentials that have access to this folder on the storage server hard coded.

Now I need to be able to create folders within this virtual directory (on the storage server) but I can't seem to figure out how to do this. I can browse the files/folders within the virtual directory without a problem. But when I try to create a folder, I get "File Not Found".

The code I am using is attached. I did a response.write of the folderpath and it does come back with the full network path to the storage server. In the example code the folder I want to create is "123456". Does anyone have any ideas?
Dim folderpath
folderpath = Server.MapPath("/Presentations/123456")
 
			Set fs = Server.CreateObject("Scripting.FileSystemObject")
			If fs.FolderExists(folderpath) = true then
			  'Folder already exists, do not create folder
			Else
			  fs.createfolder(folderpath) 
			End if
			Set fs = Nothing

Open in new window

0
Comment
Question by:MDauphinais1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 5
  • 2
18 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 500 total points
ID: 24082758
permissions issue?  check access rights on the share and on the physical disk location/s.

Cheers.
0
 

Author Comment

by:MDauphinais1
ID: 24082778
The storage server folder has read/write access for the user account that is hard coded in IIS, the IIS account of the IIS server, and the "Everyone" account.
0
 

Author Comment

by:MDauphinais1
ID: 24082788
Plus what doesn't make sense is that the error says "File Not Found"  and not "Access Denied". No kidding file not found... it's suppose to be creating the folder!
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:MDauphinais1
ID: 24082792
The line where the error occurs is:   fs.createfolder(folderpath)
0
 
LVL 37

Expert Comment

by:meverest
ID: 24082837
Hi,

it is not uncommon for a file not found error to be displayed when there is a permissions problem.

did you check the /share/ permissions - which are independent of disk level rights.

what is the unc path reported by response.write(folderpath)?

Cheers.
0
 

Author Comment

by:MDauphinais1
ID: 24082915
\\server\folder1\folder2\folder3

As far as the security on the virtual directory since it is a network resource the only thing set is the "Network Directory Security Credentials" which is where the account I mentioned is hard coded.
0
 

Author Comment

by:MDauphinais1
ID: 24082951
Sorry, the account has Read, Write, and Browse permissions on the Virtual Directory.
0
 
LVL 37

Expert Comment

by:meverest
ID: 24083003
Hi,

so you have looked at the security resources on the network share at "\\server\folder1"?  Have you also checked the the application pool identity has relevant access rights?

try enabling access logging/auditing on the remote server and try to find out where access is failing, and what user is attempting the access.

Cheers.
0
 

Author Comment

by:MDauphinais1
ID: 24083044
If it is using the full UNC path instead of the virtual directory path... then it is no longer using the virtual directory rights correct? So then wouldn't I need to change the path it is using? The IIS server itself cannot access this server, that's why I have specified credentials for the virtual directory. If I am accessing the UNC directly it would be trying to use the IIS server credentials instead of the ones I specified correct?
0
 

Author Comment

by:MDauphinais1
ID: 24083067
When I try the same setup from another IIS server that is logged in with my domain credentials it works fine. So is there another way I am suppose to access the virtual directory or do I need to pass credentials with the UNC path?
0
 
LVL 37

Expert Comment

by:meverest
ID: 24083190
Hello,

>> If it is using the full UNC path instead of the virtual directory path... then it is no longer using the virtual directory
>> rights correct?

no - access is controlled at the first by credentials on the share name (i.e. \\server\folder1) and so long as access to the *share* is allowed, then rights against the physical location (i.e. c:\folder\folder1\folder2\folder3) is checked.  If you only have read access to the share, then you will not be able to write to the subdirectory location regardless of what the ntfs access rights are set to.

>> So then wouldn't I need to change the path it is using? The IIS server itself cannot access this server, that's
>> why I have specified credentials for the virtual directory.

perhaps you are confusing the difference between IIS access and script access to the filesystem object?  Or perhaps I am misunderstanding what you are trying to tell me.

>> If I am accessing the UNC directly it would be trying to use the IIS server credentials instead of the ones I
>> specified correct?

sorry, you need to explain what you mean by "If I am accessing the UNC directly" - you mean use of scripting.filesystemObject is accessing directly?

Cheers.
0
 

Author Comment

by:MDauphinais1
ID: 24083243
Hmm.. ok.

As I understand it, there are two methods of accessing the storage server
1. Full UNC path (i.e.: \\server\folder1\folder2\folder3)
2. The Virtual Directory path (i.e.: http://webserver/virtualdirectory)

Option 1 bypasses the Virtual Directory settings and uses the web server's credentials to access the network resource directly. Option 2 uses the virtual directory settings. Correct so far?

Therefore, if the web server does not have access to the network resource itself (i.e.: if no domain user is physically logged into the web server machine) then Option 1 won't work without passing credentials with the UNC path (which I am not sure if you can do).

But when I try to create the folder using the Option 2 path method, I get "Bad file name or number" as an error.
0
 

Author Comment

by:MDauphinais1
ID: 24083338
Although, either way the share permissions on the folder on the storage server has "Everyone" included so none of this should matter. I should have the proper rights either way but for some reason I don't?
0
 
LVL 37

Expert Comment

by:meverest
ID: 24083847
Hi,

>> As I understand it, there are two methods of accessing the storage server
>> 1. Full UNC path (i.e.: \\server\folder1\folder2\folder3)
>> 2. The Virtual Directory path (i.e.: http://webserver/virtualdirectory)

number 2 has no real relevance in this context.  The virtual directory ("/virtualdirectory") must map to a physical path (perhaps \\server\folder1\folder2\folder3 ?) and to access it with the filesystem object, you can only use the latter - the IIS virtual directory path has NO RELEVANCE AT ALL to the filesystem object - that is why you need to use server.MapPath

When you set up the virtual directory and enter the relevant credentials, you only do that for IIS access - it does not (necessarily) follow that the ASP.NET application will use those credentials to access the remote resource - that is why I suggest that you use system audit to determine what user is attempting access and what resource it is attemtpting to lock.

Cheers.

Cheers.
0
 
LVL 4

Expert Comment

by:rentonc
ID: 24086377
Hi MDauphinais1,

Just to make things clearer, you always use the full path when using the FileSystemObject. Using server.mappath simply converts a virtual path to a full physical path.

:)
0
 

Author Comment

by:MDauphinais1
ID: 24087319
Can I hard code credentials for the FileSystemObject to use?
0
 
LVL 4

Expert Comment

by:rentonc
ID: 24087385
You could..however its always better to use the server.mappath to make sure you are in the right directory for your website.
Getting the root of your current site with server.mappath would be:

server.mappath(".")

Then you could code in your folder names after the mappath, like:

filepath = server.mappath(".") & "/folder1/folder2/filename.txt"

This would give you the root virtual path followed by whichever folder you decide to look down.

Chris
0
 

Author Comment

by:MDauphinais1
ID: 24117383
So after all that, I found an article on the web that talks about this very issue. I had to remove Windows Authentication and enable Anonymous Access but specify the anonymous user as a specific domain account that had rights to the other server. Once I did this it worked fine. So that's great but your can't use Windows Authentication with Anonymous Access so I can't get the windows user name of the logged in user automatically anymore which means I will have to create a login screen. Not hard as I already have one made but I wanted a seemless login without a login screen so I can't figure out how to get the best of both worlds. Thanks for the help.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deploying a Microsoft Access application in a Citrix environment is not difficult but takes a few steps. However, Citrix system people are often of little help, as they typically know next to nothing about Access. The script provided here will take …
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question