Access Denied to Temporary files

Hi all,

I hope someone can give me a hand, because I'm out of ideas. I keep getting
this message:

Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.

The error goes on to say that the ASP.NET is not authorized...

Here are my particulars:
I have a storage array where my asp.net project resides.
I create a Virtual Directory pointing to the share where the project is
stored.
I specify the network user account to use to access the share
I also specify the Anonymous User Account to be the same account as that
accessing share.
I've added the <identity impersonate=true /> tag to the web.config file of
my project.

I've done this with multiple servers, 2000 and 2003 and get the same
results. The projects run fine locally, but I've got to get this working
where my source code is remote.

Anyone know of the step I'm missing?

- Chad

On Tue, 27 Jan 2004 12:07:02 -0500 Chad Crowder wrote:
[color=blue]
> Hi all,[/color]
[color=blue]
> I hope someone can give me a hand, because I'm out of ideas. I keep getting
> this message:[/color]
[color=blue]
> Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
> ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.[/color]
[color=blue]
> The error goes on to say that the ASP.NET is not authorized...[/color]
[color=blue]
> Here are my particulars:
> I have a storage array where my asp.net project resides.
> I create a Virtual Directory pointing to the share where the project is
> stored.
> I specify the network user account to use to access the share
> I also specify the Anonymous User Account to be the same account as that
> accessing share.
> I've added the <identity impersonate=true /> tag to the web.config file of
> my project.[/color]
[color=blue]
> I've done this with multiple servers, 2000 and 2003 and get the same
> results. The projects run fine locally, but I've got to get this working
> where my source code is remote.[/color]
[color=blue]
> Anyone know of the step I'm missing?[/color]
[color=blue]
> - Chad[/color]

Did You try to disable the Indexing-Service?

Michael

ASP.NET process needs access to the
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Tempo rary ASP.NET Files\
directory. It stores temporary compiled code there. If you have changed the
account that ASP.NET runs as, you need to give that new account access to
the directory above. Its either
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET Files\" or
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ ", I can't remember...

"Chad Crowder" <chad@spam_me_not.chad> wrote in message
news:OENI9fP5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=blue]
> Hi all,
>
> I hope someone can give me a hand, because I'm out of ideas. I keep[/color]
getting[color=blue]
> this message:
>
> Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
> ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
>
> The error goes on to say that the ASP.NET is not authorized...
>
> Here are my particulars:
> I have a storage array where my asp.net project resides.
> I create a Virtual Directory pointing to the share where the project is
> stored.
> I specify the network user account to use to access the share
> I also specify the Anonymous User Account to be the same account as that
> accessing share.
> I've added the <identity impersonate=true /> tag to the web.config file of
> my project.
>
> I've done this with multiple servers, 2000 and 2003 and get the same
> results. The projects run fine locally, but I've got to get this working
> where my source code is remote.
>
> Anyone know of the step I'm missing?
>
> - Chad
>
>[/color]

Yeah, well actually the index service was already disabled.

- Chad

"Michael" <toxcic@hotmail.com> wrote in message
news:ozzghfkol8gi$.dlg@myusenetfqdn.fqdn.th-h.de...[color=blue]
> On Tue, 27 Jan 2004 12:07:02 -0500 Chad Crowder wrote:
>[color=green]
> > Hi all,[/color]
>[color=green]
> > I hope someone can give me a hand, because I'm out of ideas. I keep[/color][/color]
getting[color=blue][color=green]
> > this message:[/color]
>[color=green]
> > Access to the path[/color][/color]
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary[color=blue][color=green]
> > ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.[/color]
>[color=green]
> > The error goes on to say that the ASP.NET is not authorized...[/color]
>[color=green]
> > Here are my particulars:
> > I have a storage array where my asp.net project resides.
> > I create a Virtual Directory pointing to the share where the project is
> > stored.
> > I specify the network user account to use to access the share
> > I also specify the Anonymous User Account to be the same account as that
> > accessing share.
> > I've added the <identity impersonate=true /> tag to the web.config file[/color][/color]
of[color=blue][color=green]
> > my project.[/color]
>[color=green]
> > I've done this with multiple servers, 2000 and 2003 and get the same
> > results. The projects run fine locally, but I've got to get this[/color][/color]
working[color=blue][color=green]
> > where my source code is remote.[/color]
>[color=green]
> > Anyone know of the step I'm missing?[/color]
>[color=green]
> > - Chad[/color]
>
> Did You try to disable the Indexing-Service?
>
>
> Michael[/color]

The local "users" group had read access to the directory, so I bumped that
up to full control, that didn't get around the error. The account I'm
specifying in IIS is member of the Domain Users, and consequently the local
"users" group.

- Chad

"Anon" <Anon@Anon.Anon> wrote in message
news:uXqnkNQ5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=blue]
> ASP.NET process needs access to the
> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Tempo rary ASP.NET Files\
> directory. It stores temporary compiled code there. If you have changed[/color]
the[color=blue]
> account that ASP.NET runs as, you need to give that new account access to
> the directory above. Its either
> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET Files\" or
> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ ", I can't remember...
>
>
>
>
> "Chad Crowder" <chad@spam_me_not.chad> wrote in message
> news:OENI9fP5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=green]
> > Hi all,
> >
> > I hope someone can give me a hand, because I'm out of ideas. I keep[/color]
> getting[color=green]
> > this message:
> >
> > Access to the path[/color][/color]
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary[color=blue][color=green]
> > ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
> >
> > The error goes on to say that the ASP.NET is not authorized...
> >
> > Here are my particulars:
> > I have a storage array where my asp.net project resides.
> > I create a Virtual Directory pointing to the share where the project is
> > stored.
> > I specify the network user account to use to access the share
> > I also specify the Anonymous User Account to be the same account as that
> > accessing share.
> > I've added the <identity impersonate=true /> tag to the web.config file[/color][/color]
of[color=blue][color=green]
> > my project.
> >
> > I've done this with multiple servers, 2000 and 2003 and get the same
> > results. The projects run fine locally, but I've got to get this[/color][/color]
working[color=blue][color=green]
> > where my source code is remote.
> >
> > Anyone know of the step I'm missing?
> >
> > - Chad
> >
> >[/color]
>
>[/color]

This would be true if the application does not allow anonymous access and
uses one of the other authentication schemes (basic, windows, digest). But
if the user is coming in as anonymous access, then the account being
impersonated will be whatever specified as the anonymous account which he
specifies as "I also specify the Anonymous User Account to be the same
account as that accessing share."

"Joe Agster" <anonymous@discussions.microsoft.com> wrote in message
news:7C96D2BE-32E4-4B5C-9CC1-43D73D00A0A7@microsoft.com...[color=blue]
> Try setting a username/password for the process to run under:
>
> <identity impersonate="true" userName="domain\username"[/color]
password="password"/>[color=blue]
>
> Without the username and password the ASP.NET process will run under[/color]
whoever accesses the web app. You are getting this error because those
accounts do not have unrestricted access to the server running the app.[color=blue]
>
> Joe[/color]

Try just the account and make sure it has full control. What directory did
you give access to?

"Chad Crowder" <chad@spam_me_not.chad> wrote in message
news:uiFejcQ5DHA.2572@TK2MSFTNGP09.phx.gbl...[color=blue]
> The local "users" group had read access to the directory, so I bumped that
> up to full control, that didn't get around the error. The account I'm
> specifying in IIS is member of the Domain Users, and consequently the[/color]
local[color=blue]
> "users" group.
>
> - Chad
>
> "Anon" <Anon@Anon.Anon> wrote in message
> news:uXqnkNQ5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=green]
> > ASP.NET process needs access to the
> > C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Tempo rary ASP.NET Files\
> > directory. It stores temporary compiled code there. If you have changed[/color]
> the[color=green]
> > account that ASP.NET runs as, you need to give that new account access[/color][/color]
to[color=blue][color=green]
> > the directory above. Its either
> > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET Files\"[/color][/color]
or[color=blue][color=green]
> > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ ", I can't remember...
> >
> >
> >
> >
> > "Chad Crowder" <chad@spam_me_not.chad> wrote in message
> > news:OENI9fP5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=darkred]
> > > Hi all,
> > >
> > > I hope someone can give me a hand, because I'm out of ideas. I keep[/color]
> > getting[color=darkred]
> > > this message:
> > >
> > > Access to the path[/color][/color]
> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary[color=green][color=darkred]
> > > ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
> > >
> > > The error goes on to say that the ASP.NET is not authorized...
> > >
> > > Here are my particulars:
> > > I have a storage array where my asp.net project resides.
> > > I create a Virtual Directory pointing to the share where the project[/color][/color][/color]
is[color=blue][color=green][color=darkred]
> > > stored.
> > > I specify the network user account to use to access the share
> > > I also specify the Anonymous User Account to be the same account as[/color][/color][/color]
that[color=blue][color=green][color=darkred]
> > > accessing share.
> > > I've added the <identity impersonate=true /> tag to the web.config[/color][/color][/color]
file[color=blue]
> of[color=green][color=darkred]
> > > my project.
> > >
> > > I've done this with multiple servers, 2000 and 2003 and get the same
> > > results. The projects run fine locally, but I've got to get this[/color][/color]
> working[color=green][color=darkred]
> > > where my source code is remote.
> > >
> > > Anyone know of the step I'm missing?
> > >
> > > - Chad
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Also what do you have for "<authentication mode= " in your web.config file?

"Anon" <Anon@Anon.Anon> wrote in message
news:unk8AiQ5DHA.1804@TK2MSFTNGP12.phx.gbl...[color=blue]
> Try just the account and make sure it has full control. What directory did
> you give access to?
>
>
>
>
> "Chad Crowder" <chad@spam_me_not.chad> wrote in message
> news:uiFejcQ5DHA.2572@TK2MSFTNGP09.phx.gbl...[color=green]
> > The local "users" group had read access to the directory, so I bumped[/color][/color]
that[color=blue][color=green]
> > up to full control, that didn't get around the error. The account I'm
> > specifying in IIS is member of the Domain Users, and consequently the[/color]
> local[color=green]
> > "users" group.
> >
> > - Chad
> >
> > "Anon" <Anon@Anon.Anon> wrote in message
> > news:uXqnkNQ5DHA.1592@TK2MSFTNGP10.phx.gbl...[color=darkred]
> > > ASP.NET process needs access to the
> > > C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Tempo rary ASP.NET Files\
> > > directory. It stores temporary compiled code there. If you have[/color][/color][/color]
changed[color=blue][color=green]
> > the[color=darkred]
> > > account that ASP.NET runs as, you need to give that new account access[/color][/color]
> to[color=green][color=darkred]
> > > the directory above. Its either
> > > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET[/color][/color][/color]
Files\"[color=blue]
> or[color=green][color=darkred]
> > > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ ", I can't remember...
> > >
> > >
> > >
> > >
> > > "Chad Crowder" <chad@spam_me_not.chad> wrote in message
> > > news:OENI9fP5DHA.1592@TK2MSFTNGP10.phx.gbl...
> > > > Hi all,
> > > >
> > > > I hope someone can give me a hand, because I'm out of ideas. I keep
> > > getting
> > > > this message:
> > > >
> > > > Access to the path[/color]
> > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary[color=darkred]
> > > > ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
> > > >
> > > > The error goes on to say that the ASP.NET is not authorized...
> > > >
> > > > Here are my particulars:
> > > > I have a storage array where my asp.net project resides.
> > > > I create a Virtual Directory pointing to the share where the project[/color][/color]
> is[color=green][color=darkred]
> > > > stored.
> > > > I specify the network user account to use to access the share
> > > > I also specify the Anonymous User Account to be the same account as[/color][/color]
> that[color=green][color=darkred]
> > > > accessing share.
> > > > I've added the <identity impersonate=true /> tag to the web.config[/color][/color]
> file[color=green]
> > of[color=darkred]
> > > > my project.
> > > >
> > > > I've done this with multiple servers, 2000 and 2003 and get the same
> > > > results. The projects run fine locally, but I've got to get this[/color]
> > working[color=darkred]
> > > > where my source code is remote.
> > > >
> > > > Anyone know of the step I'm missing?
> > > >
> > > > - Chad
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Hi Chad,

Thanks for posting in the community! My name is Steven, and I'll be
assisting you on this issue.
From your description, you got the following error message in your ASP.NET
web application:
-----------
Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
-----------
And you've tried on both win2k and win2003 server and with the same error.
If there is anything I misunderstood, please feel free to let me know.

Based on my experience, such security concerned issue may caused by some
unexpected errors such as application securty configuration or security
issues within the application's code. My suggestion is that we first focus
on the application's security configuration or setting and I'd like to
confirm some further questions:
1. Since you mentioned the "Access Denied" exception is also followed by
another "UnAuthorized" exception, is the UnAuthorized exception like below?
-----------------------------------------------------------------
Exception Details: System.UnauthorizedAccessException: Access to the path
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET
Files\wetest1\35069e45\3c6cf47" is denied.
-----------------------------------------------------------------

2. What's the authenticaion mode you used for the ASP.NET web application?
"Windows" or any other? If "Windows", as you said that the application is
impersonating via <identity impersonate="true"/> and anonymous allowed in
IIS. the identity will be the anonymous user, and you also mentioned that
you've manually mapped the anonymous's account to a DOMAIN user. So your
application will be run under the certain Domain user account.

Also, in your later reply you mentioned that you've tried giving the local
user group full access control of the certain folder,(is it the ASP.NET
tempory folder?) but with no success. I think you may try giving the
certain Domain user account the full access control of the ASP.NET tempory
folder such as "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
ASP.NET Files\" and then try running the application again.

3. In addtion to step2, you may also try change the anonymous account to
other account(such as machine\ASPNET) and give the full control of ASP.NET
tempory folder or even try set the impersionate as false and then run the
application to see whether the problem remains

Further more, as for the web application's code logic, would you please
provide some more detailed info on it such as the "I've got to get this
working where my source code is remote" or the "a Virtual Directory
pointing to the share where the project is stored"?

Please check out the preceding items. If you have any quesitons or have any
new findings, please feel free to let me know.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

1. The Access Denied error you described is the one I was receiving.
2. I used windows authentication for the web application, I've also tried
to make the user account a domain administrator
3. A local machine account won't have access to the source code on a network
storage array.

Also, when I said it worked locally, that was to mean that if I copied the
source code to the local computer (drive C:), configure IIS for the app, it
runs fine.

I just can't get it to work when the source code is remote. I also have ran
into the error:
Parser Error Message: Could not load type 'CIG.Global'.

Thanks,
- Chad

"Steven Cheng[MSFT]" <v-schang@online.microsoft.com> wrote in message
news:eNjIzaY5DHA.1992@cpmsftngxa07.phx.gbl...[color=blue]
> Hi Chad,
>
>
> Thanks for posting in the community! My name is Steven, and I'll be
> assisting you on this issue.
> From your description, you got the following error message in your[/color]
ASP.NET[color=blue]
> web application:
> -----------
> Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
> ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
> -----------
> And you've tried on both win2k and win2003 server and with the same error.
> If there is anything I misunderstood, please feel free to let me know.
>
> Based on my experience, such security concerned issue may caused by some
> unexpected errors such as application securty configuration or security
> issues within the application's code. My suggestion is that we first focus
> on the application's security configuration or setting and I'd like to
> confirm some further questions:
> 1. Since you mentioned the "Access Denied" exception is also followed by
> another "UnAuthorized" exception, is the UnAuthorized exception like[/color]
below?[color=blue]
> -----------------------------------------------------------------
> Exception Details: System.UnauthorizedAccessException: Access to the path
> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET
> Files\wetest1\35069e45\3c6cf47" is denied.
> -----------------------------------------------------------------
>
> 2. What's the authenticaion mode you used for the ASP.NET web application?
> "Windows" or any other? If "Windows", as you said that the application is
> impersonating via <identity impersonate="true"/> and anonymous allowed in
> IIS. the identity will be the anonymous user, and you also mentioned that
> you've manually mapped the anonymous's account to a DOMAIN user. So your
> application will be run under the certain Domain user account.
>
> Also, in your later reply you mentioned that you've tried giving the local
> user group full access control of the certain folder,(is it the ASP.NET
> tempory folder?) but with no success. I think you may try giving the
> certain Domain user account the full access control of the ASP.NET tempory
> folder such as "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
> ASP.NET Files\" and then try running the application again.
>
> 3. In addtion to step2, you may also try change the anonymous account to
> other account(such as machine\ASPNET) and give the full control of ASP.NET
> tempory folder or even try set the impersionate as false and then run the
> application to see whether the problem remains
>
> Further more, as for the web application's code logic, would you please
> provide some more detailed info on it such as the "I've got to get this
> working where my source code is remote" or the "a Virtual Directory
> pointing to the share where the project is stored"?
>
> Please check out the preceding items. If you have any quesitons or have[/color]
any[color=blue]
> new findings, please feel free to let me know.
>
>
> Regards,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>[/color]

Actually, just wanted to clarify. I start getting the "Parser Errror: could
not load type cig.global" after I run the web application locally.

- Chad

"Chad Crowder" <chad@spam_me_not.chad> wrote in message
news:uFp4Dfb5DHA.2496@TK2MSFTNGP09.phx.gbl...[color=blue]
> 1. The Access Denied error you described is the one I was receiving.
> 2. I used windows authentication for the web application, I've also tried
> to make the user account a domain administrator
> 3. A local machine account won't have access to the source code on a[/color]
network[color=blue]
> storage array.
>
> Also, when I said it worked locally, that was to mean that if I copied the
> source code to the local computer (drive C:), configure IIS for the app,[/color]
it[color=blue]
> runs fine.
>
> I just can't get it to work when the source code is remote. I also have[/color]
ran[color=blue]
> into the error:
> Parser Error Message: Could not load type 'CIG.Global'.
>
> Thanks,
> - Chad
>
> "Steven Cheng[MSFT]" <v-schang@online.microsoft.com> wrote in message
> news:eNjIzaY5DHA.1992@cpmsftngxa07.phx.gbl...[color=green]
> > Hi Chad,
> >
> >
> > Thanks for posting in the community! My name is Steven, and I'll be
> > assisting you on this issue.
> > From your description, you got the following error message in your[/color]
> ASP.NET[color=green]
> > web application:
> > -----------
> > Access to the path[/color][/color]
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary[color=blue][color=green]
> > ASP.NET Files\projects_cig\e4e3b3da\3c20ac69" is denied.
> > -----------
> > And you've tried on both win2k and win2003 server and with the same[/color][/color]
error.[color=blue][color=green]
> > If there is anything I misunderstood, please feel free to let me know.
> >
> > Based on my experience, such security concerned issue may caused by some
> > unexpected errors such as application securty configuration or security
> > issues within the application's code. My suggestion is that we first[/color][/color]
focus[color=blue][color=green]
> > on the application's security configuration or setting and I'd like to
> > confirm some further questions:
> > 1. Since you mentioned the "Access Denied" exception is also followed by
> > another "UnAuthorized" exception, is the UnAuthorized exception like[/color]
> below?[color=green]
> > -----------------------------------------------------------------
> > Exception Details: System.UnauthorizedAccessException: Access to the[/color][/color]
path[color=blue][color=green]
> > "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary ASP.NET
> > Files\wetest1\35069e45\3c6cf47" is denied.
> > -----------------------------------------------------------------
> >
> > 2. What's the authenticaion mode you used for the ASP.NET web[/color][/color]
application?[color=blue][color=green]
> > "Windows" or any other? If "Windows", as you said that the application[/color][/color]
is[color=blue][color=green]
> > impersonating via <identity impersonate="true"/> and anonymous allowed[/color][/color]
in[color=blue][color=green]
> > IIS. the identity will be the anonymous user, and you also mentioned[/color][/color]
that[color=blue][color=green]
> > you've manually mapped the anonymous's account to a DOMAIN user. So your
> > application will be run under the certain Domain user account.
> >
> > Also, in your later reply you mentioned that you've tried giving the[/color][/color]
local[color=blue][color=green]
> > user group full access control of the certain folder,(is it the ASP.NET
> > tempory folder?) but with no success. I think you may try giving the
> > certain Domain user account the full access control of the ASP.NET[/color][/color]
tempory[color=blue][color=green]
> > folder such as "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temp orary
> > ASP.NET Files\" and then try running the application again.
> >
> > 3. In addtion to step2, you may also try change the anonymous account to
> > other account(such as machine\ASPNET) and give the full control of[/color][/color]
ASP.NET[color=blue][color=green]
> > tempory folder or even try set the impersionate as false and then run[/color][/color]
the[color=blue][color=green]
> > application to see whether the problem remains
> >
> > Further more, as for the web application's code logic, would you please
> > provide some more detailed info on it such as the "I've got to get this
> > working where my source code is remote" or the "a Virtual Directory
> > pointing to the share where the project is stored"?
> >
> > Please check out the preceding items. If you have any quesitons or have[/color]
> any[color=green]
> > new findings, please feel free to let me know.
> >
> >
> > Regards,
> >
> > Steven Cheng
> > Microsoft Online Support
> >
> > Get Secure! www.microsoft.com/security
> > (This posting is provided "AS IS", with no warranties, and confers no
> > rights.)
> >[/color]
>
>[/color]

Hi Chad,

Thanks for your response. Based on your reply, the application run well
when the code is set on the local machine of the IIS server. Do you mean
that the "Access Denied" error also goes away when running locally? If so,
the problem is likely due to the security issue on accessing the remote
source code when the page code being compiled at runtime. Any way, have you
tried add the certain tempory folder's full control access to the certain
domain account(just to that account) which you set as the anonymous user's
mapping account?
In addtion, you mentioned that you also encountered the a "cig.Global" type
couldn't be loaed error? The "CIG.Global" must be the Global class of your
web application which is defined in the Global.asax and Global.asax.cs
file, so you may check whether these two file have been correctly set or it
there any problem with accessing these files from a remoting site. Also,
since you point the web site's virtual directory to a remote directory via
a "\\{server}\{share}" UNC path, yes? Then have you tried setting a more
high permissed account on the remote machine for the "Connect As" account ?
I still think the problems are all caused by the account's permission.

Please check out the preceding items. If you feel anything unclear or if
you have any new findings, please feel free to post here.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Steven, Anon, and others:

I finally called MS today on this, and basically I had to do three steps
which I hadn't done (this is for windows 2003:

1. Add the domain user account that will be access the share to the
ApplicationPool identity
2. Create a new Runtime Security Policy, for the URL of the share, and
give it Full Trust.
3. Lastly I had to add the user account to the local IIS_WPG group

So, it was a permissions/security issue after all.

Thanks again to everyone who provided help with this!
- Chad

"Steven Cheng[MSFT]" <v-schang@online.microsoft.com> wrote in message
news:dWV53%23l5DHA.1988@cpmsftngxa07.phx.gbl...[color=blue]
> Hi Chad,
>
>
> Thanks for your response. Based on your reply, the application run well
> when the code is set on the local machine of the IIS server. Do you mean
> that the "Access Denied" error also goes away when running locally? If so,
> the problem is likely due to the security issue on accessing the remote
> source code when the page code being compiled at runtime. Any way, have[/color]
you[color=blue]
> tried add the certain tempory folder's full control access to the certain
> domain account(just to that account) which you set as the anonymous user's
> mapping account?
> In addtion, you mentioned that you also encountered the a "cig.Global"[/color]
type[color=blue]
> couldn't be loaed error? The "CIG.Global" must be the Global class of your
> web application which is defined in the Global.asax and Global.asax.cs
> file, so you may check whether these two file have been correctly set or[/color]
it[color=blue]
> there any problem with accessing these files from a remoting site. Also,
> since you point the web site's virtual directory to a remote directory via
> a "\\{server}\{share}" UNC path, yes? Then have you tried setting a more
> high permissed account on the remote machine for the "Connect As" account[/color]
?[color=blue]
> I still think the problems are all caused by the account's permission.
>
> Please check out the preceding items. If you feel anything unclear or if
> you have any new findings, please feel free to post here.
>
>
>
> Regards,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>[/color]