So i've been trying desperately to allow my SharePoint project to write an xml file to a temporary location in my project directory, but haven't had any success.
when I try:
myDataTable.WriteXml("path to folder in project", true);
i'm met with:
"Access to path is Denied"
Now I have had this issue before and have solved it by giving the user group for the application pool write permissions, but it hasn't worked for my sharepoint project. Any suggestions?
You will probably need to elevate privileges in code before calling this method. Look at spsecurity.runwithelevatedprivileges method to run code as the Sharepoint web apps application pool account. You will then need to give that account the correct permission on the file system.
Related
I have a two webservers, on each webserver in the C:\inetpub\logs\LogFiles I have created a symbolic link to the other servers log file folders, so essentially I can be logged in to one of the webservers and see the logs on both servers in one place. This works perfectly.
I am building a webpage to make the log files available via a webpage, the code simply goes to the C:\inetpub\logs\LogFiles directory and lists the files in each sub folder, i.e. W3SVC1 (the local folder) and webserver2-w3svc1 (the remote log folder).
For the local folders it works fine, but I am getting the "access denied" error when trying to call Directory.GetFiles on the symlinkd folder. I suspect this is some sort of permissions error, but I tried giving the symlinkd folder full permissions to "everyone" but I still get the same error.
Is this something to do with the fact that when I created the symlinkd I had to enter the username and password of the webserver2, and these credentials cannot be accessed/used by IIS when trying to get access to the folder?
Is there anything I can do allow IIS to access the contents of this symlinkd folder?
I don't think you need to use a symlink, you can create a virtual directory mapping to that directory in IIS, just map it to the target path. In IIS, right click on the website and select Add Virtual Directory.
For more information, please refer to this official document.
After much experimentation, the only way to do this is as follows:
Create a new user on the computer.
Run the AppPool in IIS under this new users' identity as opposed to the default IUSR account.
Give the folder you are sharing permissions to this user AND 'share' this folder with the new user.
I have a website hosted on IIS and I created a virtual directory ("pictures") which physical path is "C:/mydir/mysubdir". Inside "mysubdir" there are many sub-directories (for example: "123", "456" and so on ) containing images that are shown on the website with a regular html tag.
Until now everything is working fine and images are shown, the problem occurs when the back-end application hosted on Tomcat installed on windows server and connected to IIS goes to create new sub-directory under the physical path, the images inside the new folder are not shown due to an Unauthorized access 401, the work around I'm doing is set share permission all the times the user is creating new sub-directories via webapp but you can understand that is not possible do this all the time, this must work alone.
I already set all read/write permission to the Administrator account, even shared the parent folder and set the inheritance but is not working.
The owner of the folder is different if create from tomcat (LOCAL USER instead of Administrator) and I don't know if this could be a problem.
Please help me to find a solution.
Thanks in advance.
You could try the below steps to resolve the issue:
1)select your folder under which the new subfolder is creating by another user.
2)Right-click on the target folder/file and select Properties.
3)Security → Advanced.
4)click on the add and add user application pool identity(IIS AppPool\ (eg: IIS AppPool\smartcrypt)), iis_iusrs, and iusr.
5)by clicking on show advance permission set full control. and in applies to make sure it set to this folder, subfolders, and files.
6)click on and apply the setting.
7)in application pool identity set one of these network services, local system or application pool identity.
I run my web app in IIS (Windows Server 2012 R2) - which uses XML and an .rpt file to generate a PDF. When trying to use ExportToStream() in debug mode, I get this exception:
Access denied. The file may be in use by another program.
I thought this had something to do with permissions on folders, but I wasn't able to fix it. How can I stop my permissions from being denied?
It should the User you logged in into that computer, then set folder access to full control.
Access denied. The file may be in use by another program.
This Error says the file is already open, Check it in task manager and kill it.
Close all PDF file too..it should be open with same name as you generate a new pdf,It must be unique name.
The permissions were denied because I was using a temporary file, located in C:\TEMP. Adding the group "Everyone" with Full Access solved the problem.
I have an InstallScript installer that utilizes dynamic file links for several components. These components contain configuration files that standard users should be able to edit. We recently discovered that when these files are installed on Windows Server 08, the permissions are set to full access for the Administrators group, but only read & execute access for the Users group. The typical install location is C:\programName.
I've tried creating new files manually as an admin (right click - new text file) in the C:\programName directory, and they are generated with identical permissions. I'm assuming that this is just the standard permission setup for new files.
Is there any way, within InstallShield, to set the permissions for dynamically linked files or the directory containing them?
I've looked for permission settings in
Organization -> Components
Application Data -> Files and Folders
but I haven't found anything. The documentation on dynamic file links makes no mention of permissions.
We are using InstallShield 2010.
Generally these permissions are a good thing; they're inherited from their parent folders. Non-administrator users (including the limited access admin before accepting a UAC prompt) should be unable to modify files under Program Files or C: so I would suggest addressing this concern in your application (for instance by using each user's Documents folder). Since you don't talk about why you need it, it's hard to say with certainty if this applies to your case.
If it turns out it does make sense to address this in the installation instead of the application, you can use the SetObjectPermissions API to set permissions programmatically.
In "Files and Folders" page right-click the file or folder, select Properties and click the Permissions button. In the "Permissions" dialog you can then right-click in the Name(s) list and use the New context menu option to add a new permission.
If the option is not available for a file, you can try setting it on the parent folder.
My application is not supposed to perform any administrative tasks, so I want a normal User account to be able to run it. Only thing is, my application reads from and writes to a database file; if the user running Windows 7 (Or Vista) installs my app in drive C, the drive's default permission set configuration doesn't allow my app to write data.
How can I allow my app to write to C:, without requiring full administrative privileges?
If the database file exists at install time you can just grant the user write access to the file as part of the installation process (ordinary users do not have this permission by default). If the file needs to be created by the program the user running the program will need modify permissions on the c drive, which is not something that I would recommend.
I'd suggest storing your db file in Documents and Settings / App data / your app / directory. It exists specifically for this purpose. Writing to C:/Program Files is not so good practice. If that's possible in your case, that is.
You need to open UAC (User Account Access) and set security slider to the bottom. Then you can access drive C: as you did in windows XP.
I decided to modify directory permissions in the setup process, so I created an .exe file that changes the permissions of its start-up path, and gives all users access to that path. I simply included that .exe file in my deployment project, and created a Custom Action that would run the file in the Commit phase of installation.
Because the setup asks the user for administrative rights when it is being installed, my .exe also enjoys administrative privileges and can modify the permissions of the installation directory.
In my .exe, I used a Process instance to run the ACL utility shipped with Windows (icacls.exe) as follows:
ICACLS.EXE [TargetDir] /T /C /grant Users:F
(Make sure that [TargetDir] doesn't end with a "\" or the call will fail.)
This gives all users full control access to the target directory.
I could also write .NET code and change directory permissions manually, but I'm a little lazy!
You may however want to inspect your environment conditions thoroughly so that what you do wouldn't become a security hole in your environment; but this was suitable for me.
I hope this helps others who faced the same issue.
The user by default should have write permissions to drive C:, if not, then you will need to change the directory you read from and write to, to the executing directory (C:/Program Files/Your App/) rather than the root of C:
You can get this by
String Path = Path.GetDirectoryName(Application.ExecutablePath);