How do you allow IIS to access a symlink folder? - iis

I have a two webservers, on each webserver in the C:\inetpub\logs\LogFiles I have created a symbolic link to the other servers log file folders, so essentially I can be logged in to one of the webservers and see the logs on both servers in one place. This works perfectly.
I am building a webpage to make the log files available via a webpage, the code simply goes to the C:\inetpub\logs\LogFiles directory and lists the files in each sub folder, i.e. W3SVC1 (the local folder) and webserver2-w3svc1 (the remote log folder).
For the local folders it works fine, but I am getting the "access denied" error when trying to call Directory.GetFiles on the symlinkd folder. I suspect this is some sort of permissions error, but I tried giving the symlinkd folder full permissions to "everyone" but I still get the same error.
Is this something to do with the fact that when I created the symlinkd I had to enter the username and password of the webserver2, and these credentials cannot be accessed/used by IIS when trying to get access to the folder?
Is there anything I can do allow IIS to access the contents of this symlinkd folder?

I don't think you need to use a symlink, you can create a virtual directory mapping to that directory in IIS, just map it to the target path. In IIS, right click on the website and select Add Virtual Directory.
For more information, please refer to this official document.

After much experimentation, the only way to do this is as follows:
Create a new user on the computer.
Run the AppPool in IIS under this new users' identity as opposed to the default IUSR account.
Give the folder you are sharing permissions to this user AND 'share' this folder with the new user.

Related

IIS - proper permissions to create folders in Root

I have a web app that creates a temp. folder in the website root, writes some files into it, and then zips the folder. Everything works fine on my machine. I had to add two extra users to make it work. IUSR and IIS_IUSRS - Both with a full access. The QA persion is reporting that she is getting an error. What I see happening is that no temp. folder is created, however, the zip is altghough with wrong files inside. Can some one please explain is there a difference in permissions to create a file and create a folder?
Thanks

How can I set permission to all new sub directories on windows server created by java?

I have a website hosted on IIS and I created a virtual directory ("pictures") which physical path is "C:/mydir/mysubdir". Inside "mysubdir" there are many sub-directories (for example: "123", "456" and so on ) containing images that are shown on the website with a regular html tag.
Until now everything is working fine and images are shown, the problem occurs when the back-end application hosted on Tomcat installed on windows server and connected to IIS goes to create new sub-directory under the physical path, the images inside the new folder are not shown due to an Unauthorized access 401, the work around I'm doing is set share permission all the times the user is creating new sub-directories via webapp but you can understand that is not possible do this all the time, this must work alone.
I already set all read/write permission to the Administrator account, even shared the parent folder and set the inheritance but is not working.
The owner of the folder is different if create from tomcat (LOCAL USER instead of Administrator) and I don't know if this could be a problem.
Please help me to find a solution.
Thanks in advance.
You could try the below steps to resolve the issue:
1)select your folder under which the new subfolder is creating by another user.
2)Right-click on the target folder/file and select Properties.
3)Security → Advanced.
4)click on the add and add user application pool identity(IIS AppPool\ (eg: IIS AppPool\smartcrypt)), iis_iusrs, and iusr.
5)by clicking on show advance permission set full control. and in applies to make sure it set to this folder, subfolders, and files.
6)click on and apply the setting.
7)in application pool identity set one of these network services, local system or application pool identity.

IIS file download

I've created a new web site in IIS on my machine for testing purposes. Beneath the root I have a folder called documents where I have a bunch of pdf's that should be downloadable. However, when I hit the URL localhost:54510/documents/file.pdf I get a 404 error (Chrome, IE and Firefox).
I've added IIS_IUSRS permissions for the specified folders and the service is running since I can access my ASPNET WebApi - localhost:54510/api/whatever-service-function.
I can't grasp my head around what causes this.
PDF is specified in MIME-types as Application/pdf.
Another thing is, when I add the documents folder as a virtual directory in the Default web site then it works to download it from localhost:80/documents/file.pdf.
I have also tried to add the documents folder as a virtual directory in my web-site and set my local user as the authenticator to see if it had anything to do with permission.
I'm running on IIS 10.
Does anyone have any ideas?

Creating .htpasswd file outside webpage files

I'm working with a webpage that uses a content management system. The webpage belongs my university. We want create a private file with .htaccess and htpasswd.
The problem is I can't figure out how to place the htpasswd file outside the webpage files because I don't have access to the server machine. I need to do that because someone told me it is unsafe to place it within the webpage files. Any ideas?
If you have a shared hosting account for your website, I suggest you connect to it through FTP. In Directadmin as example, you have to put the file in your public_html folder (which is the root directory of your site).
In case you want to put it outside of the root (as you were asking), place it 1 directory lower (so not in the public_html but before that), and then link it to it.
In case you lack the permissions to do so, contact your hosting provider, cause he should be able to do it for you (and ask him for the direct path).

Cannot edit files in IIS localhost server

I have to edit a website on local server. I use Windows Server 2012 and IIS. When I try to save a modified file I only get "access denied" error. Do I need to shut down the server before making changes and then restarting it or am I missing permissions for example in the wwwroot folder for IIS_IUSRS?
I have never used WS2012 or IIS before.
You cannot edit files directly in the wwwroot. You need to copy the file/folder out of inetpub to make your edits then paste it back into the wwwroot. This is by design I am afraid.
I was able to do edits directly in the wwwroot files by creating a local user account for myself on the server and giving it FULL access (I am also in the Administrators group - but that was not enough to make it work), then setting the user full access on the SHARE I use to get to the server (via UNC path). Allows edits directly to my live site.

Resources