I set up a website and I created a folder names (docs) in the website as Virtual Directory with some documents.
Therefore the URL is xxxxxxyyyyzzzz.com/docs
The problem is that when i try to access xxxxxxyyyyzzzz.com/docs/1.doc, Authentication is required. Can you tell me how to remove this and leave any user access this folder with any restrictions?
David
Not really a programming question, but if you lauch IIS manager, right click on your virtual directory, click Edit under Anonymous access and authentication control, choose "directory security" and select "anonymous".
You will also need to make sure the anonymous IIS account has read access to the directory in question (the account is shown on the screen where you enable/disable anonymous access).
Here are two support documents that assist 1.) with the [setup of Virtual Directories][1], and 2.) [how to manage folder permissions in IIS][2].
I hope that this gives some guidance for you.
Check you have anonymous access allowed with a valid account under Properties| Directory Security | Authentication and access control | Edit...
Related
I'm trying to create a custom master page template in a SharePoint Online environment. I'm using the Design manager to upload the design files. I've mapped the network drive like the page described and can open and view the files, but I cannot upload files to the location. Every time I try I get the following error:
Error 0x800700E0: Access Denied. Before opening files in this
location, you must first add the website to your trusted sites list,
browse to the website, and select the option to login automatically.
I've added the site to the trusted sites list, as well as selected the option to login automatically. The WebClient service is also running.
How can I upload files to this location?
The only explanation I can think of is that I am logged into windows on a Microsoft account, and I use a different Microsoft account for SharePoint. I can map the network drive fine, but when I try and map it with the option "Connect using different credentials", and I use my SharePoint Online account, I get the same access denied error.
Thanks
Check permissions for the document library/folder in which you're trying to write files. Folders like _Layout which resides at root level sometimes do not allow access of write. Global administrators have full access to these folders but tenant or site collection administrators may not have its access.... For example try opening this link in browser https://yoursharepointsite.com/_layouts/15/fonts this is where font files are like Arial.ttf or Comic sans.ttf So if you want to add new font to your sharepoint online themes you'll have to add files here.
Do this open SP Designer -> open main site -> browse left side menu for your folder and try copying something. If you can copy files there you should be able to copy through your mapped drive.
Also when you mapped drive in Windows Explorer didn't it ask for credentials, where you had to give in your Office365 login email then it can't be an issue of your windows credentials messing up with anything.
In this circumstance, it was actually the Trusted Sites that I had added. I added 'mysite.sharepoint.com' as well as '*.sharepoint.com' to my trusted sites. As soon as I also added: '*.lync.com', '*.microsoftonline.com' and "*.outlook.com", I had no problems writing to the directory
I have a Windows 2016 Server and I have installed and activated Office 2013 64bit in it.
I have a classic ASP application that is trying to open an Excel workbook like this:
<%
Set appExcel = CreateObject("Excel.Application")
appExcel.Workbooks.Open("C:\intranet\web\Libro1.xlsx")
%>
I'm aware that this kind of Office automation is discouraged by Microsoft but this is a legacy app that I've inherited and has to manage to make it work on Windows 2016.
If I execute this piece of code as a VBS script there is no issue but if I try to execute it as an ASP page i get:
Microsoft Office Excel error '800a03ec' Microsoft Office Excel cannot access the file 'C:\intranet\web\Libro1.xlsx'.
There are several possible reasons:
• The file name or path does not exist.
• The file is being used by another program. (...)
I have discarded all the suggested reasons, I have also checked that if I really use a file that does not exist the error message is different.
I'm running my ASP application pool as user "Administrator" (Administrador in my spanish installation).
I have given permissions for everyone in all three sections of the permissions for Microsoft Excel DCOM Configuration entry in components services.
I have checked an installed updates in my operating system and my office package.
I'm running out of ideas, any reasonable clue will be welcome.
Recommendations for Setting up Websites in IIS
Things to consider while setting up IIS websites
Anonymous Access Account
Application Pool
NTFS Permissions
Setting up an Anonymous Account
Method One - Use ApplicationPoolIdentity Instead of IUSR
The ApplicationPoolIdentity is a special term for one of the corresponding IIS AppPool\<AppPoolAccounts> in the IIS_IUSRS security group.
The reason is it ties the security context to the Application Pool rather than having the Anonymous Account running as IUSR and the Application pool running as ApplicationPoolIdentity leaving two security contexts to manage.
Method Two - Use a Custom Account as the Identity of the Application Pool
For more control use a Custom Account in place of ApplicationPoolIdentity in the Application Pool Advanced Settings. Borrowing from Method One the Anonymous Account should be set to ApplicationPoolIdentity so there is now only one security context to manage.
The main benefit to this approach over using IUSR is you know the password for the Custom Account, whereas IIS controls the IUSR password making using it in place of the ApplicationPoolIdentity as the Application Pool Identity troublesome.
Assigning NTFS Permissions
WARNING: UAC (User Account Control) can modify the NTFS permissions when running in "Admin Approval Mode", make sure the setting User Account Control: Run all administrators in Admin Approval Mode is set to False in the Local Group Policy located under Computer settings\Windows settings\Security settings\Local policies\Security options.
Depending on the method used for adding an Anonymous Account to a IIS Website there should be one of two accounts added to the Websites root folder;
Method One - IIS_IUSRS (Read Permission)
Method Two - Custom Account (Read Permission)
At the basic level the Websites root folder should contain the following permissions;
| User Account | Permission | Notes
| ------------------ | --------------------- | ---------------------
| Administrators | Full Control | For File System access.
| <IIS Anonymous> | Read & Execute | Either IIS_IUSRS or a Custom Account.
Don't Inherit Permissions
Recommend disabling Inheritance on the Websites root folder to stop parent permissions propagating down and overwriting any existing permissions, which can be a costly exercise to restore.
Finally I found what the issue was.
Following some pointers about DCOM permissions I had configured "Microsoft.Excel" DCOM configuration permissions using the "Components service" tool. But this wasn't enough.
Today I saw that apart from "Permissions" tab there is an "Identity" tab there. By default it chooses to use the "initial user", which I expected to be the user that is running the IIS application pool. I had already executed the pool with a "real" user so I was not expecting this to be related but when I changed it and selected an specific user there everything started to work.
So to sum-up my solution was:
Open "Components services administration"
Find in "DCOM Configs" section the entry related to "Microsoft.Excel" and right click on "Properties".
In the "Identity" tab set a "real" user that will run Excel when the Interop API's are used.
In the "Permissions" tab adjust the permission so that the user you have set in the identity tab has the required right
Hope this gives some clues to anyone.
I have created visual studio online site using azure and backed by our company active directory.
And when going to user management site (example image, not my screenshot) in the search box I can see all the users from the active directory which means that I'm properly connected (I guess).
And here is the problem which I wasn't able to solve.
I would like to know if it is possible to automatically give read permissions to users from active directory that try to access the site.
Currently they can login, but when they access the site it says that they don't have permissions and I have to manually add them one by one and I don't want to do that.
Do I maybe need some special active directory group that I add there as a user or what? I'm not active directory admin so I don't have access to its settings.
Thank you for the help.
Currently VSO does not support AD groups. In addition, just because you assign a licence, does not mean that they should have permission to everything. You my be a special case, but the choice of access should be left to the Team Project owners.
i'm using Sitecore 6.5.
I want to configure a Sitecore role to access the /system folder from the content editor.
(my end goal is to have certain user to access and edit the webforms in /system/modules/web forms for marketeers)
I have granted read rights to the system folder on the role, but the /system folder does not appear in the content editor tree.
I guess if there is some other security preventing the users to see the system folder?
I can only get a view on the system folder by granting full admin rights to the user.
First off, make sure the user has the Entire Tree and Hidden Items options ticked in the View tab.
Also, to check if it's access rights you can use the Access Viewer to see whether the user has access rights. If they don't you can click on the Read right (for instance) and see why they don't have access to the System node (for example, which role Denies the read access).
For more information, please check the Security Reference document on SDN.
I have using SSRS 2008r2 on Windows2003 server and added Domain Users group as a System Administrator via report manager. However, when I mimic an ordinary user in report manager web interface on my computer(member of the domain) I get;
User 'usera' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.
if I try with user a on the server by using FQDN, it it shows same error above.
If I type localhost instead, it does work. while using localhost, it I navigate to a folder and while I am in a folder and change the localhost to FQDN, it still works.
There are lots of solutions on the web, like the one on http://skamie.wordpress.com/2010/06/24/ssrs-and-uac/, but it did not work..
Does anyone have any idea?
Many Thanks
Regards
Have you tried right-clicking on IE and select Run as Administrator?
I have to do that from time to time on my development machine so it is sort of first solution that came to mind. Hope it helps.
Additional answer:
So the Domain Users group has System Admin role. You can try adding that group as Browser role or Content Manager role at the root folder.