Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

.net user permissions in IIS

58 views
Skip to first unread message

Fox1977

unread,
Feb 8, 2007, 6:35:10 AM2/8/07
to
Hi folks,

Just wondering if anyone can help me out with this problem I'm having
getting a particular .net web application to run on a windows 2003 r2
x64 platform running as a domain account.

Our current setup is as follows:

We have a windows 2003 domain with 4 web servers in. Two of them are
windows 2003 sp1 and I am trying to bring two new ones online. These
are new windows 2003 x64 R2 boxes. The web sites we run as domain
accounts as they need to access resources and shared folders on other
servers within the domain.

We have a built our own imageresizer application that runs in .net
1.1. (I think). Apologies if some of my programming terminology is a
bit rubbish as I'm a sys admin by nature.

On the older servers with have the following versions of the .net
framework installed (these are the folders from windows/microsoft.net
folder)1.0.33, 1.0.37. 1.1.43. The new servers have the following
versions on them 1.0.37, 1.1.43 and 2.0.50. On the new servers there
is also a folder called framework64.

When I try to run the application in the browser in a site running as
a domain account I get the following .net error:

Server Error in '/IMAGERESIZER' Application.
________________________________________
Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access is
denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request
identity. ASP.NET has a base process identity (typically {MACHINE}
\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
application is not impersonating. If the application is impersonating
via <identity impersonate="true"/>, the identity will be the anonymous
user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add
the appropriate user or group. Highlight the ASP.NET account, and
check the boxes for the desired access.

Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace
below.

Stack Trace:

[UnauthorizedAccessException: Access is denied. (Exception from
HRESULT: 0x80070005 (E_ACCESSDENIED))]

[FileLoadException: Could not load file or assembly
'System.Web.RegularExpressions, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is
denied.]
System.Web.Configuration.RegexWorker..cctor() +0

[TypeInitializationException: The type initializer for
'System.Web.Configuration.RegexWorker' threw an exception.]
System.Web.Configuration.RegexWorker.Lookup(String from) +0
System.Web.Configuration.RegexWorker.get_Item(String key) +4
ASP.BrowserCapabilitiesFactory.MozillaProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +449
ASP.BrowserCapabilitiesFactory.DefaultProcess(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +2568

ASP.BrowserCapabilitiesFactory.ConfigureBrowserCapabilities(NameValueCollection
headers, HttpBrowserCapabilities browserCaps) +21

System.Web.Configuration.BrowserCapabilitiesFactoryBase.GetHttpBrowserCapabilities(HttpRequest
request) +159

System.Web.Configuration.HttpCapabilitiesEvaluator.EvaluateFinal(HttpRequest
request, Boolean onlyEvaluateUserAgent) +23

System.Web.Configuration.HttpCapabilitiesEvaluator.Evaluate(HttpRequest
request) +182

System.Web.Configuration.HttpCapabilitiesBase.GetBrowserCapabilities(HttpRequest
request) +162
System.Web.HttpRequest.get_Browser() +134

System.Web.ErrorFormatter.RequiresAdaptiveErrorReporting(HttpContext
context) +104

I can get the application to run successfully when I add the domain
user to the local administrators group but this really isn't an option
as we cannot have sites running as local admin users. I can also get
the application to run ok when it is running on a site running as the
anonymous IIS user.

I am presuming that the error message is down to not being able to
access this file System.Web.RegularExpressions. How do i go about
setting the permissions for our domain user to access the .net files
without granting them administrator privileges.

Much appreciated


John

Peter Bromberg [C# MVP]

unread,
Feb 8, 2007, 7:06:00 AM2/8/07
to
Fox1977,
The exception message has all the information you need to correct this
problem.
You can right -click on the folder containing the resources where access is
denied, choose the Security Tab, and either grant permission to the required
account, or add the needed account and grant it permission. If it needs to be
a domain account, you can add it there.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net

Fox1977

unread,
Feb 8, 2007, 12:01:11 PM2/8/07
to
I've just granted a domain group I created access to the windows
folder and it seems to have sorted the problem.

Thanks

On 8 Feb, 12:06, Peter Bromberg [C# MVP]

0 new messages