Re: Web.Config / Security Settings for sites NOT on sys partition
From: Grant Harmeyer (gn_harmeyer_at_hotmail.com)
Date: Mon, 13 Oct 2003 08:09:52 -0500
Worked like a charm. Another trick added to the toolbox. Thanks
"Jim Cheshire [MSFT]" <firstname.lastname@example.org> wrote in message
> Hi Grant,
> This is actually a Common Language Runtime security policy issue. The
> Common Language Runtime is not allowing assemblies located on your remote
> share the permissions necessary to run. The solution is to create a new
> Code Group to allow them to run correctly.
> * Open the .NET Framework Configuration tool from Administrative Tools.
> * Expand the Runtime Security Policy node.
> * Expand the Machine node.
> * Expand the Code Groups node.
> * Right-click on the All_Code node and choose New.
> * In the Name box, enter a name of your choice for this new code group.
> * Click Next.
> * Select URL from the checkbox.
> * In the URL box, enter the UNC share in the following format:
> In other words, if your UNC share is \\server\share, you would enter
> exactly as above. Make sure you add the "\*" at the end.
> * Click Next.
> * Select Full Trust from the dropdown.
> * Click Next.
> * Click Finish.
> After you've done that, go to a command line and run IISRESET to restart
> the worker process. You should now be able to run your app.
> Jim Cheshire [MSFT]
> Developer Support
> This post is provided as-is with no warranties and confers no rights.
> >Reply-To: "Grant Harmeyer" <email@example.com>
> >From: "Grant Harmeyer" <firstname.lastname@example.org>
> >Subject: Web.Config / Security Settings for sites NOT on sys partition
> >Date: Fri, 10 Oct 2003 15:22:32 -0500
> >Lines: 24
> >X-Priority: 3
> >X-MSMail-Priority: Normal
> >X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> >Message-ID: <elFavy2jDHA.email@example.com>
> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >NNTP-Posting-Host: 208-131-234-237.internetapollo.com 220.127.116.11
> >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
> >Xref: cpmsftngxa06.phx.gbl
> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >I have a Win2K server set up with .NET 1.1, IIS5, and I run a few
> >development test sites on this server for deployment elsewhere. Up until
> >now, there was no issue with the sites residing in the Inetpub directory
> >the sys partition. However, we are starting to consume valuable disk
> >on the sys partition. So, I have moved one of the sites (a low priority
> >to a network drive (and different partition) that is still on the same
> >physical server, just not the sys partition.
> >The .NET runtime now has what I beleive to be a security problem with the
> >site when it is being hosted from this location. It states that it can't
> >load the type (ASPX CodeBehind) of the page because of a
> >that can be fixed by adding a node to my Web.Config file. But I am unable
> >find any documentation as to what this node is, or where it is to be
> >in the Web.Config file. If I were to guess, I would say this may be an
> >instance where the web application needs to impersonate an account with
> >correct tokens for the app to run, but I'm a bit lost right now. Any
> >fixes for hosting sites off of a network drive?
> >P.S. I have ensured my ACL file settings on the site are correct, as well
> >IIS perms ( twice ;-) )
> >Grant Harmeyer