I set up a new virtual directory in IIS under the Default FTP Site. I already have other virtual directories, and I'm able to access them with my user account, which is a domain admin. I created an account named FTPuser, gave it full permissions to the virtual directory, but I can't open the site. When I log in, I get a Success Audit event in Event Viewer, so my account is being authenticated. But the site doesn't appear, I just get the login box again.
I ran Process Monitor and saw different behavior between the two login scenarios. When I login to the same FTP site with my admin account, I get a SUCCESS result in Procmon when trying to access the folder that is specified as the home directory for my Default Web Site. But I get an ACCESS DENIED message when trying to connect as the FTPuser. Above that in the log, it also shows a NO SUCH DEVICE error trying to connect to the IPC$ share on that drive (the one containing the home directory).
When I look at the permissions, both accounts seem to have Full Control on the relevant directories. Can anyone point me in the right direction as to what is going on here?
Thanks.
Related
I have a website I am setting up which creates a subfolder to its own location based on which user logs into the website. An administrative account we'll call admin runs the website through IIS Manager (as indicated through the basic and advanced settings on the site's tab in IIS, which indicate the credentials for admin are correct), and admin also has full security permissions to the folder that IIS refers to. The website is I think otherwise fully up and running because the login screen loads successfully. However, despite the fact that admin is both running the site and has full access to the folder, it is failing to create the folder and as such is failing to operate the website properly. I know it is this error because the website's error logging reports an UnauthorizedAccessException to the folder I would expect to be created.
Can anyone help me figure out why it is unable to create a folder in the website location? Thank you.
To fix issue, you can try to add the IIS AppPool user to the root folder of your application by right clicking the folder and selecting Properties. Select the Security tab and add the IIS AppPool<AppPoolName> user.
And you can also decide to create a custom user to access the file system from IIS. Create a new Windows (or AD) user and click your site inside the IIS Manager. From the Actions window click Basic Settings. Finally, click the Connect as button and input the new user below Specific user:
I'm trying to create a custom master page template in a SharePoint Online environment. I'm using the Design manager to upload the design files. I've mapped the network drive like the page described and can open and view the files, but I cannot upload files to the location. Every time I try I get the following error:
Error 0x800700E0: Access Denied. Before opening files in this
location, you must first add the website to your trusted sites list,
browse to the website, and select the option to login automatically.
I've added the site to the trusted sites list, as well as selected the option to login automatically. The WebClient service is also running.
How can I upload files to this location?
The only explanation I can think of is that I am logged into windows on a Microsoft account, and I use a different Microsoft account for SharePoint. I can map the network drive fine, but when I try and map it with the option "Connect using different credentials", and I use my SharePoint Online account, I get the same access denied error.
Thanks
Check permissions for the document library/folder in which you're trying to write files. Folders like _Layout which resides at root level sometimes do not allow access of write. Global administrators have full access to these folders but tenant or site collection administrators may not have its access.... For example try opening this link in browser https://yoursharepointsite.com/_layouts/15/fonts this is where font files are like Arial.ttf or Comic sans.ttf So if you want to add new font to your sharepoint online themes you'll have to add files here.
Do this open SP Designer -> open main site -> browse left side menu for your folder and try copying something. If you can copy files there you should be able to copy through your mapped drive.
Also when you mapped drive in Windows Explorer didn't it ask for credentials, where you had to give in your Office365 login email then it can't be an issue of your windows credentials messing up with anything.
In this circumstance, it was actually the Trusted Sites that I had added. I added 'mysite.sharepoint.com' as well as '*.sharepoint.com' to my trusted sites. As soon as I also added: '*.lync.com', '*.microsoftonline.com' and "*.outlook.com", I had no problems writing to the directory
I have using SSRS 2008r2 on Windows2003 server and added Domain Users group as a System Administrator via report manager. However, when I mimic an ordinary user in report manager web interface on my computer(member of the domain) I get;
User 'usera' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.
if I try with user a on the server by using FQDN, it it shows same error above.
If I type localhost instead, it does work. while using localhost, it I navigate to a folder and while I am in a folder and change the localhost to FQDN, it still works.
There are lots of solutions on the web, like the one on http://skamie.wordpress.com/2010/06/24/ssrs-and-uac/, but it did not work..
Does anyone have any idea?
Many Thanks
Regards
Have you tried right-clicking on IE and select Run as Administrator?
I have to do that from time to time on my development machine so it is sort of first solution that came to mind. Hope it helps.
Additional answer:
So the Domain Users group has System Admin role. You can try adding that group as Browser role or Content Manager role at the root folder.
We have a website whose users supply HTML links to a virtual directory on the website. (Think www.website.com/dir1; dir1 is actually a virtual directory to a different server.) The server that the virtual directory links to requires authentication, however the username and password needed is constant.
Whenever a user tries to access a page that draws a resource from that virtual directory, the webpage asks for authentication. We don't want the user to have to enter in the authentication info every time they enter the site. We have no control over the server that is the source of the virtual directory, but have total control over the virtual directory's settings.
How can we set up the virtual directory so that a webpage that accesses the virtual directory automatically supplies the authentication info?
Please let me know if there's more info you need!
Unfortunately there isn't a way for you to transfer your authentication from one server to another, unless you share your session information. Do a google search for session state server for more information on this.
However, this may not be what you want.
Your only other options are to completely open up the resources on the 2nd server, or set up the directory on the other server as another virtual directory on the first server. This way everything is authenticated from the 1st server.
I am trying to replicate a production issue in my dev environment but am running into permissions issues, where a user in the "Contributor" group gets an access denied error. Furthermore, if I make this user a Site Collection administrator he still gets the same access denied error.
Why is this happening? How do I fix?
UPDATE: I do not have a problem when I log in from inside my VM in the dev environment. The problem must be that my dev environment is its own domain. So the question becomes, how can I log in from a machine not in the domain? I'd like to avoid extending the web application if possible.
UPDATE 2: By the way, I'm able to log in the site from my host OS fine when the credentials I use are of the "System Account."
Troubleshooting Access Denied errors is something that plagues me daily... so I feel your pain.
I am assuming this user is trying to access some page in SharePoint. From my experience, if even one Web Part on the page is accessing something the user does not have access to, the entire Access Denied page is shown.
One way to troubleshoot access to the SITE (not the page) is by visiting the "All Site Content" page: /_layouts/viewlsts.aspx. If they can get to this page, then it is something wrong with the page and not the site.
Next I would try exporting and then DELETING (not closing) webparts from the page to determine which one is causing the problem. Since you have a dev environment, I assume you could do another restore if things get too mucked up.
when do they get the access denied error? hitting the site?
are you sure that the user you're adding to the group is the same user you're logging in as? Sometimes if you have multiple user stores you can add different users to the group: DOMAIN\joe.user, forms:joe.user, someotheraccountstore:joe.user, etc.