Re: Required permissions cannot be acquired?

• Previous message: Paul Clement: "Re: Required permissions cannot be acquired?"
• In reply to: Paul Clement: "Re: Required permissions cannot be acquired?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 03 Sep 2004 11:14:07 -0600

Thank-you very much for your reply and for this suggestion!

Changing the file permissions was one of the things I tried.
Unfortunately, even after giving "Everyone" permission, my application
continued to fail the same way.

I have narrowed it down to a .NET permissions issue, since if I run
"caspol -s off" then everything works. However, that's clearly not a
solution that can make it into production. :-)

FYI, there is more information in a concurrent thread in
microsoft.public.dotnet.framework.aspnet.security.

Thanks again!
Brad.

On Fri, 03 Sep 2004 11:46:54 -0500, Paul Clement
<UseAdddressAtEndofMessage@swspectrum.com> wrote:

>On Thu, 02 Sep 2004 15:28:39 -0600, Bradley Plett <plettb@hotmail.com> wrote:
>
>¤ I've posted a similar question in the
>¤ microsoft.public.sqlserver.reportingsvcs and
>¤ microsoft.public.dotnet.framework.aspnet.security groups. Please
>¤ forgive the cross-posting, but a) I'm not sure which is the best group
>¤ for this, and b) need to solve this and it is more of a
>¤ .NET/permissions issue anyway. However, it is in the context of RS'
>¤ forms authentication, which is making it more difficult for me to
>¤ understand/debug.
>¤
>¤ I have forms authentication in SQL RS working like a charm. (For more
>¤ info, see
>¤ http://msdn.microsoft.com/library/?url=/library/en-us/dnsql2k/html/ufairs.asp).
>¤ However, I am now trying to do some authentication against an Oracle
>¤ database. What's very strange is that as soon as I try to bind to
>¤ Oracle's client (Oracle.DataAccess in, by default,
>¤ C:\oracle\ora92\bin\Oracle.DataAccess.dll), I get
>¤ "System.Security.Policy.PolicyException: Required permissions cannot
>¤ be acquired." I've definitely narrowed it down to the Oracle binding,
>¤ but can't figure out how to make it work. I've looked in "Microsoft
>¤ .NET Framework 1.1 Configuration" under "Runtime Security Policy" and
>¤ did an "Evaluate Assembly", which returned "Unrestricted". I also
>¤ tried editing rssrvpolicy.config (in "C:\Program Files\Microsoft SQL
>¤ Server\MSSQL\Reporting Services\ReportServer\") to add a full trust
>¤ for the Oracle.DataAccess.dll, but none of this has helped. Any other
>¤ ideas or suggestions?
>¤
>¤ Despite being much more capable, I often find .NET permissions much
>¤ more confusing, especially trying to debug this type of failure. If
>¤ anyone can point me to some good tools and/or techniques on this
>¤ topic, I'd MUCH appreciate it. I suppose part of the problem is that
>¤ I don't have time to read an entire book - I just want to skip to the
>¤ good parts! :-)
>
>See if the following helps:
>
>Problem Description
>-------------------
>
>When running an application using the Oracle9i Release 2 (9.2.0.1.0) install
>of client software and that attempts to connect to an Oracle database with the
>Authenticated User privilege (such as when you use Microsoft's Internet
>Information Server (IIS)) through any of the following programmatic interfaces
>
> 1. Oracle Provider for OLE DB
> 2. Microsoft OLE DB Provider for Oracle
> 3. Oracle ODBC Driver
> 4. Microsoft ODBC for Oracle
> 5. Oracle Objects for OLE (OO4O)
> 6. Microsoft .NET Framework Data Provider for Oracle
>
>
>you may receive one of the following errors:
>
>
> (1) Oracle Provider for OLE DB
>
> (a) Error Type: Microsoft OLE DB Service Components (0x80070005)
>
> Access is denied.
>
>
> (b) OraOLEDB.Oracle Provider is not registered on the local machine
>
>
> (2) Microsoft OLE DB Provider for Oracle
>
> (a) Error Type: Microsoft OLE DB Provider for Oracle (0x80004005)
>
> Oracle client and networking components were not found. These
> components are supplied by Oracle Corporation and are part of the
> Oracle Version 7.3.3 or later client software installation. Provider
> is unable to function until these components are installed.
>
>
> (b) Error Type: Microsoft OLE DB Provider for Oracle (0x80004005)
>
> Oracle error occurred, but error message could not be retrieved
> from Oracle.
>
>
> (3) Oracle ODBC Driver
>
> (a) Error Type: Microsoft OLE DB Provider for ODBC Drivers (0x80004005)
>
> Specified driver could not be loaded due to system error 5 (Oracle
> in OraHome92).
>
>
> (4) Microsoft ODBC for Oracle
>
> (a) The Oracle(tm) client and networking components were not found.
> These components are supplied by Oracle Corporation and are part
> of the Oracle Version 7.3 (or greater) client software installation.
>
> You will be unable to use this driver until these components have
> been installed.
>
>
> (b) Error number: -2147467259
>
> Error Description: [Microsoft][ODBC Driver Manager] Driver's
> SQLAllocHandle on SQL_HANDLE_ENV failed
>
>
> (5) Oracle Objects for OLE
>
> (a) while using a GLOBAL.ASA file
>
> Error Type: Active Server Pages (0x0)
>
> An error occurred while creating object 'OraSession'.
>
>
> (b) not using a GLOBAL.ASA file
>
> Error Type: Microsoft VBScript runtime (0x800A0046)
>
> Permission denied: 'CreateObject'
>
>
> (6) Microsoft .NET Framework Data Provider for Oracle
>
> (a) System.DllNotFoundException: Unable to load DLL (oci.dll).
> at System.Data.OracleClient.DBObjectPool.GetObject(Boolean&
> isInTransaction)
> at System.Data.OracleClient.OracleConnectionPoolManager.
> GetPooledConnection(String encryptedConnectionString,
> OracleConnectionString options, Boolean& isInTransaction)
> at System.Data.OracleClient.OracleConnection.OpenInternal
> (OracleConnectionString parsedConnectionString, Object transact)
> at System.Data.OracleClient.OracleConnection.Open()
> at WCWSItemAvailability.ETAAvailability.SingleAvailability(String
> ItemNumber, String BusinessUnit, Int32 OrderQty, Int32&
> AvailableQty, Int32& OnHandQty, String& ETADate, Int32& Error)
> at WCWSItemAvailability.ETAAvailability.XMLAvailability(String
> XMLInput)
>
>
> (7) Other miscellaneous errors
>
> (a) The Specified Module Could Not Be Found
>
> (b) ORA-00604: error occurred at recursive SQL level 1
> ORA-12705: invalid or unknown NLS parameter value specified
>
> (c) Unable to load DLL (OraOps9.dll):
> ...
> [DllNotFoundException: Unable to load DLL (OraOps9.dll).]
>
> (d) System Error 998 trying to run ASP page
>
>
>Solution Description
>--------------------
>
> Oracle 9.2 Client software requires that you give the Authenticated User
> privilege to the Oracle Home by following these steps:
>
> 1. Log on to Windows as a user with Administrator privileges.
>
> 2. Launch Windows Explorer from the Start Menu and and navigate to the
> ORACLE_HOME folder. This is typically the "Ora92" folder under the
> "Oracle" folder (i.e. D:\Oracle\Ora92).
>
> 3. Right-click on the ORACLE_HOME folder and choose the "Properties" option
> from the drop down list. A "Properties" window should appear.
>
> 4. Click on the "Security" tab of the "Properties" window.
>
> 5. Click on "Authenticated Users" item in the "Name" list (on Windows XP
> the "Name" list is called "Group or user names").
>
> 6. Uncheck the "Read and Execute" box in the "Permissions" list under the
> "Allow" column (on Windows XP the "Permissions" list is called
> "Permissions for Authenticated Users").
>
> 7. Re-check the "Read and Execute" box under the "Allow" column (this is
> the box you just unchecked).
>
> 8. Click the "Advanced" button and in the "Permission Entries" list make
> sure you see the "Authenticated Users" listed there with:
>
> Permission = Read & Execute
> Apply To = This folder, subfolders and files
>
> If this is NOT the case, edit that line and make sure the "Apply onto"
> drop-down box is set to "This folder, subfolders and files". This
> should already be set properly but it is important that you verify this.
>
> 9. Click the "Ok" button until you close out all of the security properties
> windows. The cursor may present the hour glass for a few seconds as it
> applies the permissions you just changed to all subfolders and files.
>
> 10. Reboot your computer to assure that these changes have taken effect.
>
>
>Re-execute the application and it should now work.
>
>
>Explanation
>-----------
>
>If you install Oracle9i Release 2 (9.2.0.1.0) on a computer running Windows
>with an NTFS partition, the contents of ORACLE_HOME directory will not be
>visible to users who are authenticated on that machine. These permissions
>were not set properly when the software was installed.
>
>Applications that were working fine with previous versions of Oracle software
>will stop working when they upgrade to Oracle 9.2.
>
> NOTE: The application will continue to work if the user has logged onto the
> machine as an Administrator.
>
>Any application that is using the Authenticated User privilege will not work.
>A notable example would be IIS which might service some of the requests based
>on the Authenticated User privileges.
>
>To demonstrate the problem in further detail, you can log on to the operating
>system as an authenticated machine user. You won't be able browse the contents
>of the ORACLE_HOME directory demonstrating your inability to load any Oracle DLLs
>or make a connection.
>
>
>Additional Information
>----------------------
>
>The above error messages may not only be encountered when using Oracle 9.2
>client software but may also exists when running into general permissions
>issues using third party products on a Windows platform.
>
>
>Paul ~~~ pclement@ameritech.net
>Microsoft MVP (Visual Basic)

• Previous message: Paul Clement: "Re: Required permissions cannot be acquired?"
• In reply to: Paul Clement: "Re: Required permissions cannot be acquired?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]