tags:

views:

965

answers:

3
+1  Q: 

SPFarm.Local.Solutions.Add - Exception - "Access Denied"

Here is my code snippet:

SPSecurity.RunWithElevatedPrivileges(delegate()
{
    SPSolution newSolution = SPFarm.Local.Solutions.Add(@fullPath);                            
});

The stacktrace and innerexception give no further clues. The Exception.Source says Microsoft.SharePoint.

SPFarm.Local.CurrentUserIsAdministrator() returns TRUE for the userid.

The userid is in the Farm Administrators group.

Any ideas?

EDIT

I have changed my code to the following and still get the Access Denied error:

private void AddSolution()
{
   SPSolution newSolution = SPFarm.Local.Solutions.Add(@fullPath);
}

SPSecurity.CodeToRunElevated elevatedAddSolution = new SPSecurity.CodeToRunElevated(AddSolution);
SPSecurity.RunWithElevatedPrivileges(elevatedAddSolution);
+1  A: 
Charlie  2009-02-11 14:25:25
What is meant by your first question?
hobbyman  2009-02-11 14:51:56
I meant basically trying what you have done above, although it appears not to have worked.
Charlie  2009-02-11 14:56:48
Are you running this on a local web service as previously discussed?
Charlie  2009-02-11 15:02:20
I haven't gotten that far yet. Right now I have it in an ASPX page in _layouts. It worked a couple of weeks ago but now it does not.
hobbyman  2009-02-11 15:04:16
+1  A: 

I do believe that the issue you are having is due to the fact that you are using the static member to access the SPFarm object. I think that it is similar to running the SPcontext static class which will still run under the security context of the logged on user and not under the elevated privledges context (which is the local application pool identity).

Try this instead inside your delegate:

SPFarm spFarm = SPWebService.AdministrationService.Farm;
SPSolution newSolution = spFarm.Solutions.Add(@fullPath);

EDIT: Since the above didn't help then your issue probably has to do with database permissions to the config database. The RunWithElevatedPriviliges will run under the application pool's identity that the code is running under. Adding a solution to your farm affects the configuration database so your application pool identity will need access to the config database. As a test try adding the app pool identity to the config db and give it dbo permissions. If that fixes the issue then you will need to find the minimum amount of permissions that each of your app pool accounts will need to add solutions (do not leave as dbo)

webwires  2009-02-11 16:12:21
Made that change but still get the same error.
hobbyman  2009-02-11 16:52:07
I'm showing my laziness and ignorance. How do I find the name of the CONFIG DB?
hobbyman  2009-02-11 17:56:14
Registry: HKLM\Software\Microsoft\Shared Tools\Web Server Extensions\12.0\Secure\ConfigDb
webwires  2009-02-11 19:41:57
+1  A: 

Your main problem might just be that you are not DBO of a sharepoint database (_Config if I'm not wrong). Adding a solution to a farm is something that require more rights than just access to the farm.

Be sure that the user running this is Farm Administrator and DBO of the proper database.

If you still have problem... try running

stsadm -o addsolution -filename "myWsp.wsp"

If you have the proper right, it will give you the proper error.

Maxim  2009-02-12 05:03:05
That is what the problem is. I run stsadm, it gets and error, I look in the event logs and it says my userid does not have access to the config database.
hobbyman  2009-02-12 13:15:37

related questions

Upgrading Sharepoint 3.0 to SQL 2005 Backend?
Webpart registration error in event log
Sharepoint COMException 0x81020037
Transactional Design Pattern
Deploying InfoPath forms to different SharePoint servers
Profiling/Optimizing (Sharepoint 2007) Web Parts
Retreiving the PC Name of a Client? (Windows Auth)
What's the best way to report errors from a SharePoint workflow?
How to get out parameters working in SharePoint workflows
Editing User Profile w/ Forms Authentication
WSS/MOSS Book
Creating a development environment for SharePoint.
Sharepoint Wikis
Have you used a wiki in your project or group?
Can I copy files to a Network Place from a script or the command line?
How do you deploy your SharePoint solutions?
SharePoint WSS 3.0 Integration with Mac OSX (either Safari or Firefox)
SharePoint - Connection String dialog box during FeatureActivated event
How can I improve the edit-compile-test loop when developing a SharePoint workflow?
Best ajax library for Sharepoint
Alternative Hostname for an IIS web site for internal access only
How to reference to multiple version assembly
MOSS SSP problem - Failed database logons from deleted SSP
Sharepoint: executing stsadm from a timer job + SHAREPOINT\System rights
Can ASP.NET AJAX partial rendering work inside a SharePoint 2007 application page?