Avatar of paulfree
paulfreeFlag for United States of America

asked on 

Group Policy and Framework asp.net permissions.

We are installing a new web server on a windows 2008 Server R2.   Our web pages are failing because of write permissions on the ASP.NEt temporary file directory.   If I go in and reset the permissions on the directory so that all users have write access everything works okay for about an hour.  It then seems as if the GPO is being applied and the permissions keep getting reset.

The Domain Group Policy is on a Windows 2003 server which is still our Primary Domain Controller.

We do not seem to have this problem on our old web server which is also Windows 2003 server. How can I update the permissions or modify the group policy so that my permissions do not get reset?

.NET App ServersWindows Server 2008Active Directory

Avatar of undefined
Last Comment
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

add the users i.e. default web site  and the app pools to the their own OU and then apply policy as per that group
Avatar of e_aravind
Flag of India image

Want to try changing the temp location?

Related Link:
Process and request identity in ASP.NET

Excerpt from the above KB article:
Note If you change the machine.config to save the ASP.NET temporary files in a different location, the ASPNET account must have the List Folder Contents access type on the root level of the drive.

>> You want to move this server out of the GPO?

Avatar of paulfree
Flag of United States of America image


I am not sure about moving it out of the GPO.  I have turned this over to the company that developed the web app.  It was running fine on my Windows 2003 server and the same exact web site is running into this problem on the Windows 2008 R2 server.

I am not very familiar with the inards of GPO and Framework so I think I will just let the developer sort things out.  
Avatar of e_aravind
Flag of India image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
the above kb article is not relevant .. web sites now show up in the 'users' folder with iis 7 and above, windows 2003 uses iis 5.x
Avatar of e_aravind
Flag of India image

My Plan\thought was
- To try and move the temp-directory for the asp.net out of the default location to some other drives.
IMO, the default asp.net temp location is: (similar to the following)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files


Note: On my Windows 2008 machine, i dont see the following XML configuration
(tempDirectory) as per the  http://msdn.microsoft.com/en-us/library/s10awwz0.aspx ....at my machine.config files.
Avatar of paulfree
Flag of United States of America image


I moved all of my servers to a separate OU and turned off inheritance. Now each server is using the local rather than the domain group policy which seems to have done the trick,
Windows Server 2008
Windows Server 2008

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo