Re: ASP.NET application cannot access network drive
From: James N (email_this_guy_at_yahoo.com)
Date: 07/18/03
- Next message: Yan-Hong Huang[MSFT]: "RE: Impersonation on Windows Server 2003"
- Previous message: Dmitry: "Directory services lookup"
- In reply to: Naveen K Kohli: "Re: ASP.NET application cannot access network drive"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jul 2003 18:58:12 -0700
I GOT IT TO WORK! WOOHOOOO!!!!
I finally figured out a way to disable all "guest" access to the NAS
drive, and only allow my ASP.NET application to access it. The solution
was to create a new "ASPNET" user account on the NAS drive WITHOUT
setting any password. This "ASPNET" account is made to correspond to
the same "ASPNET" user account that IIS uses to execute the ASP.NET
application in the Windows environment.
The key here is to leave the password field blank. The reason for this
is that (although I could be wrong) notice in the machine.config file
(at least my machine.config file) that the username/password attributes
of the <processModel> tag is "machine"/"AutoGenerate". This gives me
the notion that the password for Window's "ASPNET" account is
automatically generated by Windows/IIS, thus, requiring the password
field in NAS to be set blank (to accept any password that IIS may have
generated) for its ASPNET user. Only then will it be possible for the
NAS to authenticate the ASPNET user and allow access. By allowing only
the "ASPNET" user and disallowing the "guest" user, I believe that my
NAS will now be safe from any unwanted network intruders.
And finally thanks to everyone who has offered input and tried to help.
Oh, one more thing to note, and this may probably invalidate my whole
reasoning above. A lot of advices I get from ppl on these forums is to
create a user account on the NAS that matches the user account that the
Windows' aspnet_wp.exe worker process uses. What I did above is the
same thing, just that I didnt not set a password for the account.
So I decided to try setting a same password for the "ASPNET" user both
in Windows ("Admin Tools" -> "Comp Management" -> "Local Users and
Groups" -> "Users") and in NAS. I also modifed the <processModel> tags
in machine.config so that username/password = "ASPNET"/"(password)".
Strangely, this did not work.
Some other people say to let the aspnet_wp.exe process use an existing
Window user's account to run. So in machine.config I set
username/password = "myUsername"/"(myPassword)". I created the same
account on the NAS as well. Again, sadly, this method did not work
either.
But who cares now??!! It working!! LOL
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
- Next message: Yan-Hong Huang[MSFT]: "RE: Impersonation on Windows Server 2003"
- Previous message: Dmitry: "Directory services lookup"
- In reply to: Naveen K Kohli: "Re: ASP.NET application cannot access network drive"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
