Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Access denied to folder using impersonation on IIS 6

Status
Not open for further replies.
toon10

toon10

Programmer
Mar 26, 2004
303
0
0
DE
I’m using impersonation on my web application in order to identify who is currently logged onto the client. For example “John Smith”. This side of things works fine as the web page lists the name and email address of whoever is logged onto the machine.

My web.config file contains…
<authentication mode="Windows" />
<identity impersonate="true"/>
<authorization>
<deny users="?" />
</authorization>

I have a folder on the company network and when a user submits a request on my web page, a sub folder gets created. There is an AD security group setup for this folder and “John Smith” has access to it.

When I run the code from my PC in debug mode all works fine and the sub folder gets created as it should. My problem comes when I release the application to the Intranet server. When I run the web page as “John Smith” from the Intranet, I get the error:

Error: Access to the path is denied.

I’m running this via IIS v 6 (I know, it’s an old server!).

The application pool identity is set to “Network Service” and I have added Network Service to the folder permissions with modify access.

Am I missing something or is there another account that it would use which requires access to the folder? I’ve also tried the ASP.NET account with no success.

Thanks
 
Sort by date Sort by votes
Hi,

A couple of questions.

1, does the user, "John Smith" you are testing with have the ability to create a folder or save information to a folder?

Remember you are impersonating his AD credentials. So, if his permission level does not allow him to write to a network drive, it is not going matter what you tried to do with his account.

Second, did you either try to change your web.config to add domain name?

Example, you can try prefixing username with domain name like:
<identity impersonate="true" userName="Domain\user" password="password" />

Thirdly, you probably did this already but did you try Domain\John.smith and then password?

Finally, try the following steps and see if it helps you.

1) Add Windows authentication in IIS Windows feature

a) Right click on the Windows logo in the bottom left corner

b) Click 'Control panel'

c) Click 'Programs'

d) Click 'Turn Windows features on or off'

e) Under 'Internet Information Services' -> 'World Wide Web Services' -> 'Security', check 'Windows Authentication'

3) Restart the computer

4) In IIS Manager, in the 'IIS' group, click on 'Authentication'

5) Make sure the status of 'ASP.Net Impersonation' and 'Windows Authentication' are Enabled

Good luck.

--k--
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AhmedAzizBarbary
  • Locked
  • Question
How to pass list of checkboxes not checked on page model razor page?
Replies
0
Views
151
AhmedAzizBarbary
AhmedAzizBarbary
AhmedAzizBarbary
  • Locked
  • Question
How to read data response body after success login razor page ?
Replies
0
Views
154
AhmedAzizBarbary
AhmedAzizBarbary
a6green
  • Locked
  • Question
How to configure AT&T / Avaya Definity G3 incoming ISDN trunk
Replies
2
Views
166
a6green
a6green
Makumbi256
  • Locked
  • Question
how can i convert this code to cshap
Replies
1
Views
131
xwb
xwb
engsalah2018
  • Locked
  • Question
How to get label text from table reference on database based on TableName and FieldName
Replies
2
Views
139
jbenson001
jbenson001

Part and Inventory Search

Sponsor

Back
Top