Re: Security issues with Win2003 and ASPNet app
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: Thu, 28 Apr 2005 08:26:20 -0700
you can configure the identity of your web service using the Application
Pool feature of IIS6.
Add a new AppPool - give it an identity (local or domain) - and add the web
service application to the AppPool (WebApp properties)
Add the account to IIS_WPG and give it access to \windows\microsoft.net\framework\v\temporary
asp.net files\ and \windows\temp
Dominick Baier - DevelopMentor
> I have an ASP.NET Web Service and Web Site. It accesses a SQL
> database for its data and retrieves images from another server.
> There are 4 servers all running Win 2003 as follows...
> 1 - Domain Controller
> 2 - SQL Server
> 3 - IIS Server (runs Web Service and Web Site)
> 4 - File Server (stores all the image files)
> I am having lots of issues with permissions because my Web Service is
> running as a user under a LOCAL group IIS_WPG on the IIS Server and I
> don't know how to give it the necessary permissions to access the SQL
> Server and the Images on different machines.
> I think what I need to do is create a Domain Account, give it the
> appropriate permissions and then somehow get my Web Service to run
> using that user account. I did try this using 'impersonate' but then
> it appeared i didn't have permission to tun ASP.NET stuff!
> Can anyone give me tips on how to accomplish this, or point me to a
> resource that explains how I can accomplish this.
> Thanks for any help