Re: ASP.NET Authentication

Hello Cathleen C via DotNetMonster.com,

The process hosting the web app must have at least read ACLs for the web directory - that NETWORK SERVICE by default...

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

I'm now well beyond frustration.

I created an ASP.NET app for our intranet that only certain
individuals will be allowed to access  IIS is set up with Windows
Integrated Security and Anonymous Access turned off.  I've made
several changes to the web.config including <identity
impersonate="true" />, <authentication mode="Windows" /> (although it
was already there) and a lot of variations in between in an attempt to
force it to use the security settings placed upon the directory in
Windows Explorer.

I'm part of the admin group of useres on the network and have also
added my individual username with Full Control and everything works.
However, as soon as I remove priveledges for Network Services the page
becomes inaccessible. Sometimes when I give those rights back to
Network Services it still won't display the page even after clearing
my IE files and cache!  Just when I think I've circled in on the
problem, the behavior becomes inconsistent and then I have to
reinstall the application from the .msi.

Also irritating to note is that I have <customErrors mode="Off" /> in
web. config, but it won't display the detailed error message remotely.
I have to log into the server to see a more enlightening message than
"Runtime error" and then being directed to change the customErrors
mode to off to view the specific error message.   I open the
web.config dircetly on the server and the mode is off!

Anyway...  The detailed error message is "Access denied.....  Failed
to start monitoring file changes" blah, blah, blah.  The stack trace
refers to System. Web.DirMonCompletion..ctor,
.DirectoryMonitor.StartMonitoring, etc.  I found an KB article on the
directoyr length and some other nonsense that I tried for a similar
error with a slightly different stack trace to no avail.

This may not have any bearing on the issue, but  this app uses CR .NET
so I had to deploy with the appropriate Merge Modules.  I installed
with the .msi but if I make changes to the config file I just copy the
project to the server.  That seems reasonable and hopefully it is.

Can anyone shed some light.  It seems like this should be such a
simple process.



.

Relevant Pages

  • ASP.NET Authentication
    ... but it won't display the detailed error message remotely. ... log into the server to see a more enlightening message than "Runtime error" ... monitoring file changes" blah, blah, blah. ... This may not have any bearing on the issue, but this app uses CR .NET so I ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Error - Error Accessing File. Network Conn..." File Corruption?
    ... > consuming problem receiving the error message "Error Accessing File. ... > truly clean up an mdb? ... Sometimes the app ... > - Does anyone know of a good site dealing with Access file corruption? ...
    (microsoft.public.access.formscoding)
  • Re: I get the message Microsoft Office 2000 premium error 1706
    ... installed any app it couldn't replace. ... which can generally indicate something is broken in the installation, ... I then get a further error message ... The MS office 2000 was on a home user license from my old employer. ...
    (microsoft.public.word.docmanagement)
  • Re: XP-SP2 Suddenly Goes South
    ... I may have to write that app after all:-( ... Carl ... >> got an error message at the Welcome screen from ... >> with NAV, but that'll take all night and I thought I'd ...
    (microsoft.public.windowsxp.general)
  • Re: Office 2003 error message Errors Youre Getting??? References
    ... If you can't get any app ... go to Add/Remove and run Detect and Repair (Repair Install) from ... You receive an error message when you try to open or replace a Word 2003 ...
    (microsoft.public.officeupdate)