I have a web app that creates a temp. folder in the website root, writes some files into it, and then zips the folder. Everything works fine on my machine. I had to add two extra users to make it work. IUSR and IIS_IUSRS - Both with a full access. The QA persion is reporting that she is getting an error. What I see happening is that no temp. folder is created, however, the zip is altghough with wrong files inside. Can some one please explain is there a difference in permissions to create a file and create a folder?
Thanks
Related
I have a two webservers, on each webserver in the C:\inetpub\logs\LogFiles I have created a symbolic link to the other servers log file folders, so essentially I can be logged in to one of the webservers and see the logs on both servers in one place. This works perfectly.
I am building a webpage to make the log files available via a webpage, the code simply goes to the C:\inetpub\logs\LogFiles directory and lists the files in each sub folder, i.e. W3SVC1 (the local folder) and webserver2-w3svc1 (the remote log folder).
For the local folders it works fine, but I am getting the "access denied" error when trying to call Directory.GetFiles on the symlinkd folder. I suspect this is some sort of permissions error, but I tried giving the symlinkd folder full permissions to "everyone" but I still get the same error.
Is this something to do with the fact that when I created the symlinkd I had to enter the username and password of the webserver2, and these credentials cannot be accessed/used by IIS when trying to get access to the folder?
Is there anything I can do allow IIS to access the contents of this symlinkd folder?
I don't think you need to use a symlink, you can create a virtual directory mapping to that directory in IIS, just map it to the target path. In IIS, right click on the website and select Add Virtual Directory.
For more information, please refer to this official document.
After much experimentation, the only way to do this is as follows:
Create a new user on the computer.
Run the AppPool in IIS under this new users' identity as opposed to the default IUSR account.
Give the folder you are sharing permissions to this user AND 'share' this folder with the new user.
I've set up my home PC (win10) as webserver with IIS just for testing/educational purposes.
I wasn't being able to edit the html files I created on wwwroot so I went into sharing configuration and added my user with R/W permission to the folder.
When I did this, I stopped being able to access localhost/myhtml.html file (401 error).
I've correct the issue by giving permission to Everyone but that seems like a security hazard to me.
What are the correct permission configurations so I access the files both through webserver and the code editor?
I try to host a website that needs the user profile tempfolder due to a requirement to load the User Profile
The User folder created in Users contains an AppData folder, but that in turn doesnt contain a TEMP folder
I tried to add the folder before the deploy, but then the profile folder doesnt exist, and it creates another folder for the profile when it tries to start
One workaround would be to trigger a call which creates the User profile folder, and then add it
But i would like to know if there are any better/cleaner option to do it?
The issue was with my previous sysprepping of the machine, my script ran it as the system account, and that caused a lot of funky behavior!
we have a Windows 7 server and I've been asked to set it up so no one can move files in the root directory except for 3 users and still allow everyone to access/create files in subdirectory.
Example:
We have a drive, X:/
We don't want people to move any folders inside X:/
But in X:/SomeFolder we want people to have full permissions to create, move, and modify files.
I got the move restriction setup by disallowing delete for subfolders in the current directory, but it restricted access on sub-sub folders as well.
Anyone have a clue on how to do this?
When changing the permissions to block users from moving folders, set them to apply to This Folder Only:
(source: winhelp.us)
Assuming you have two groups, Users and Administrators, and no other permissions currently configured on X::
Grant Administrators Full Control, applied to This Folder Only
Grant Users the following permissions, applied to This Folder Only:
Traverse Folder
List Folder Contents
Read Attributes
Read Extended Attributes
Read Permissions
Create Files
Create Folders
We're using cruisecontrol.net, it builds the version, creates a zip file, then 15 min later, unzips the file on the Integration server. But when the folder gets to the integration server, often, the security permission on one of the folders is totally hosed. The Domain admin and folder owner can't even open the folder in explorer. We reboot and the folder permissions are good we can delete the folder and redeploy the zip file and it's okay.
Does anyone have any idea what or how the folder permissions are getting so messed up?
Any tools to use to diagnose/watch what exactly is messing it up?
Have you tried using psexec from system internals to upzip to file on the remote machine rather than the build machine?
Also, it seems to me that rather than unzipping the zip just copy the stuff directly to the remote server. I'm not seeing the reason to zip it and then just unzip it?