I just down loaded Azure SDK and created my firest WCF Service Role clicked on F5 but it goes to 127.0.0.1:81 and says
403 Access denied - forbidden ....
thanks for your advice.
As pointed out by Julien, please type the complete address. Otherwise IIS thinks you’re requesting the directory to list files, which by default is not allowed.
Try 127.0.0.1:81/Service1.svc ;)
Change Service1 by the name of your project
Related
Getting error ONLY while accessing Blob storage.
No issues in Queues, File Share or table.
Any idea ?
Unable to retrieve child resources.
Details:
["FetchError:request to https://fssaicessunsetsbxv1sa.blob.core.windows.net/?include=metadata&comp=list failed, reason: unable to get local issuer certificate"]
Error : Self-Signed Certificate in Certificate Chain ,Unable to retrieve child resources.
Issue for me: I am attached with office proxy server. But Azure Storage Explorer is not using that proxy.
Solution:
Azure Storage Explorer -> Edit -> Configure Proxy,
Source = No proxy "Changed to" Use System proxy(preview)
After making these changes; I am able access the resources.
Moreover, Verify the permissions do you have on the connection string?
To generate your connection string either through the Azure Portal or some apps. When you generate the connection string, you need to give "Allowed permissions". Beside Read/Write you also need the List permission so Storage Explorer can list the blobs. Here is a screenshot in Azure portal to check/uncheck the permissions:
Have set any RBAC policies?
If you are connected to Azure through a proxy, verify that your proxy settings are correct. If you were granted access to a resource from the owner of the subscription or account, verify that you have read or list permissions for that resource.
If possible can you try to un-install and reinstall the latest version and check for the status of the issue.
Azure Storage Explorer Troubleshooting: "unable to retrieve child resources” or “The request action could not be completed”.
If the issue still persist after trying above mentioned steps, I would like to work closer on this issue. Let me know the status
Warning: For the noobs !
if you got luck you can also fix it by closing and re-opening the visual studio.
Reason: Authorization is tightly coupled with azure
Motivation: To err is Human ! Even Soft. DEV working at Microsoft are Human.
I tried to export Sql Database in azure to storage blob but the operation failed. I do this task daily last month and this issue is new. It shows as follows :
Error encountered during the service operation.Blob https://blob link/dbname-2019-1-16-14-24.bacpac is not writeable. The remote server returned an error: (403) Forbidden.The remote server returned an error: (403) Forbidden.
I had the same problem. I have contacted Azure support and this is their response.
We recently identified a regression in the import/export service that is generating incorrect SAS tokens to the storage accounts.
The engineering team has rolled out the fix, but it might take some time for the fix to get applied worldwide.
Please try the following link to access Azure portal and then perform the export operations:
https://portal.azure.com/?feature.canmodifystamps=trueµsoft_azure_storage=stage1
The portal shows an orange title bar if you open it via the above link, this is expected.
So, it should be already fixed by now.
If you're using sql scripts for back up following this link, then I suspect that the expired date of SHARED ACCESS SIGNATURE is reached.
Please re-generate SHARED ACCESS SIGNATURE, and then use the new key for backup.
Please let me know if any more issues.
Make sure a firewall rule does not exist. Please go to the Azure portal "Storage Accounts → "YourStorageAccountName" → Firewalls and Virtual Networks (left vertical panel). Put it to "Allow access" from "All networks". You can also configure the storage account with exceptions for trusted Microsoft services as explained here.
I am running a intranet website on IIS. Now my task is to access a folder with a normal href="" outside of the wwwroot folder. I think this isn't possible, so I tried to symlink the folder. I successfully created a symlink to the folder. But now I get the error message: "401 not authorized: Access denied due to invalid notifying informations".
Any ideas?
All help is highly appreciated!
Thanks guys!
First of all don't use symlinks, just add a virtual directory to your site that points to the external folder.
Once you've done that you then need to ensure that the user the site is running under, usually the "Application Pool Identity" has the correct permissions to access your external folder. One of my previous answers explains how to do this:
How to apply Application Pool Identity permissions
As the title suggests I am receiving an error "Cannot read configuration file" when attempting to read a JPG file from an Azure File share mounted on a VM (from within Azure network) through a virtual directory from within IIS 7.5
This points to a permission problem - I created a local user on the web server matching the username and set the password to the Access Key of the storage service on Azure (the same credentials to access/mount the file storage share).
I set this on the app pool the vdir runs under aswell as the virtual directory properties "Physical Path Credentials" - both still return the following error:
HTTP Error 500.19 - Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
Detailed Error Information:
Module
IIS Web Core
Notification
BeginRequest
Handler
Not yet determined
Error Code
0x80070003
Config Error
Cannot read configuration file
Config File
\?\X:\web.config
Requested URL
http://localhost:80/myvdir/1.jpg
Physical Path
X:\1.jpg
Logon Method
Not yet determined
Logon User
Not yet determined
Config Source:
-1:
0:
So either the credentials i'm using do not match the UNC credentials or IIS does not support this.
Anyone have any ideas?
UPDATE - 2016-15-18
Solved
Thanks to Simon W and Forester123
The issue was due to the following missing steps:
When adding the local user I failed to add this user to the IIS_IUSRS group
Using the drive letter at the start of the physical path for the application. You must use the UNC path \myaccount.file.core.windows.net\sharename you cannot use a drive letter e.g. X:\
This URL (provided by Simon W) was invaluable http://blogs.iis.net/davidso/azurefile
Trying to use a mapped drive is likely your issue. Take a look at how this is achieved using a UNC instead: http://blogs.iis.net/davidso/azurefile
You need to specify the UNC path of your file share as the Physical Path property:
\\<your_storage_account>.file.core.windows.net\<your_share>
Using mapped drive will just give the error you encountered. Mapped drive is only for the local user session. See below test:
While deploying menu Item I receive an error:
Server was unable to process request. ---> Setup encountered an error during deployment of the Role Center and Enterprise Portal framework.
But deploying whole module works fine.
Also importing page gives an error as well as follows:
Server was unable to process request. ---> startIndex cannot be larger than length of string.
Parameter name: startIndex
I've full control permission on sharepoint on that particular URL.
Check your event log. I found that I was getting an error regarding write permissions to the root site.
"You need write permission to the root web site at ...."
Check to see what account is on the app pool in IIS Manager. You can open the site using that account and add your account