I have a .net website that resides on a webserver running IIS 6.0 on win2k3 server. This includes a virtual directory that points via a UNC name to a file server. The "connect as" is set to use a service account in our AD domain that has access to the web application as well as write and modify to the file server folder. I am currently using aliasing with the service account and have set the appropriate permissions on the Miscrosoft.net temp files folder on the web server. I am unable to create a write directory or save a file. Any information will be appreciated.
views:
328answers:
2
+2
A:
First, "Connect as" passwords will not be cached forever in memory (reboot) and you may need to seek alternative to this connectivity method for that reason unfortunately.
Secondly, does the ASP.NET worker account "IUSR_IIS Machine Name" have access to the destination directory you are writing on? I am assuming no, because it will not be a known user on the remote server. This means that the "Everyone" special user/object will have to be given access (in your particular scenario).
An alternative would be to connect using a user known to both hosts.
Nikolaos
2009-10-23 20:06:15
I have a service account set up that is in our AD domain. I have set up that service account in the web.config with an identity entry as well as a connect as (which works for viewing files in the virtual folder) but doesn't help with writing. From some articles I found on the .net I added in an additional change to the .net tempfile folder on the web server which is required in order for those files to be cached. I think part of the issue is the UNC name and how the identity is passed. I will attach the code snippet in a separate comment.
Arlene Ogden
2009-10-26 13:05:46
I'm attaching a code snippet:from the default.aspx:string SaveLocation = Server.MapPath("/") + "ServerInspectionFilePath" + "\\" + ClientFileName;from web.config:<add key="UploadFolder" value="Inspections" />I think the syntax/format for the path is off. I may be forced to remote debug on the web server.
Arlene Ogden
2009-10-26 13:06:24
A:
I have this working now. In order for this to work properly you need: 1. A service account with a non-expiring password in your domain that is accessible to the web server and file server 2. You create the appropriate virtual folder with the "connect as" set to the service account with the appropriate password 3. You need to give Write permissions to the service account to the .net Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files directory on the server 4. The service account has to be given read/write/modify access to the file folder 5. The "save as" must be the full UNC name to the file server. Do not use server.map path, but the full name to the folder such as: \myserver\sharename\directory\ + filename. I am storing mine in the web.config as a key/value pair.
That sums it up.
Code snippet:
try { if (uploadDoc.FileName != "") {
if (!Directory.Exists(MyFilePath))
Directory.CreateDirectory(ServerFilePath);
if (!File.Exists(Server.MapPath(ServerFileName)))
{
uploadDoc.PostedFile.SaveAs(SaveLocation);
}
Arlene Ogden
2009-10-26 15:20:49