Re: Security issues with Win2003 and ASPNet app

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 04/28/05


Date: Thu, 28 Apr 2005 08:26:20 -0700

Hello RichardF,

you can configure the identity of your web service using the Application
Pool feature of IIS6.

Add a new AppPool - give it an identity (local or domain) - and add the web
service application to the AppPool (WebApp properties)

Add the account to IIS_WPG and give it access to \windows\microsoft.net\framework\v\temporary
asp.net files\ and \windows\temp

HTH

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I have an ASP.NET Web Service and Web Site. It accesses a SQL
> database for its data and retrieves images from another server.
>
> There are 4 servers all running Win 2003 as follows...
>
> 1 - Domain Controller
> 2 - SQL Server
> 3 - IIS Server (runs Web Service and Web Site)
> 4 - File Server (stores all the image files)
> I am having lots of issues with permissions because my Web Service is
> running as a user under a LOCAL group IIS_WPG on the IIS Server and I
> don't know how to give it the necessary permissions to access the SQL
> Server and the Images on different machines.
>
> I think what I need to do is create a Domain Account, give it the
> appropriate permissions and then somehow get my Web Service to run
> using that user account. I did try this using 'impersonate' but then
> it appeared i didn't have permission to tun ASP.NET stuff!
>
> Can anyone give me tips on how to accomplish this, or point me to a
> resource that explains how I can accomplish this.
>
> Thanks for any help
>
> RichardF
>



Relevant Pages

  • Re: Virtual Directory - Permission Denied with fso CopyFile
    ... TestUser (normal user account with same credentials on all machines). ... I created a share on a remote server. ... reviewing it's sharing permissions and security tab permissions "everyone" ... "directory security" tab on the vdir and selecting, edit, edit and manually ...
    (microsoft.public.inetserver.iis)
  • RE: SBS 2003/member Web Server and ISUR access
    ... NTFS permissions for the directories and files ... the IIS content directories have the following permissions. ... Server Extensions, ASPNET, SQL Server and other software is installed. ... The IUSR_MachineName account has the following permissions. ...
    (microsoft.public.windows.server.sbs)
  • Re: Virtual Directory - Permission Denied with fso CopyFile
    ... TestUser (normal user account with same credentials on all machines). ... I logged into the IIS server as vdirUser and simply typed ... open and I had read and write permissions to the share. ... I logged off and back into the IIS server as the administrator and deleted ...
    (microsoft.public.inetserver.iis)
  • Re: Server Unavailable - ASP.NET 2.0 on Windows XP
    ... The error message is "Server Application Unavailable". ... The user account I've ... Please review the permissions outlined in this article. ... So I switched to that directory in Command Prompt and tried the ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Server Unavailable - ASP.NET 2.0 on Windows XP
    ... Please review the permissions outlined in this article. ... Make sure that the HOME-WKSTATION\ASPNET account has been assigned NTFS ... So I switched to that directory in Command Prompt and tried the following... ... I'm still getting the "Server Unavailable" error... ...
    (microsoft.public.dotnet.framework.aspnet)