server application unavailable

Hi,

I created an asp.net 2.0 website with VWD and made it an application in IIS.
It was created on a ntfs disc (my documents...). The directory permissions
are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
permissions to the apllication directory.
When i start it from the browser, i get this error:
Server Application Unavailable
The web application you are attempting to access on this web server is
currently unavailable. Please hit the "Refresh" button in your web browser
to retry your request.

Administrator Note: An error message detailing the cause of this specific
request failure can be found in the application event log of the web server.
Please review this log entry to discover what caused this error to occur.

The application event log tells this:

Failed to execute the request because the ASP.NET process identity does not
have read permissions to the global assembly cache. Error: 0x80070005 Access
is denied.

and this:

Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc

Exception: System.IO.FileLoadException

Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
dependencies. Access is denied.

StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
String codeBase, Evidence assemblySecurity, Assembly locationHint,
StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
forIntrospection)

Thanks for help

Casper

IUSR_MYSERVER is not the usual identity ASP.NET runs as.

If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.

If you're running on Windows Server 2003, the account which needs permissions is MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.

Try granting access permissions to the appropiate account, as outlined above.
If you are still having problems after that, and you're impersonating some account, save this code as "identity.aspx" and run it :

identity.aspx
========

<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======

That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.


Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message

Hi,

I created an asp.net 2.0 website with VWD and made it an application in IIS. It was created on a ntfs disc (my documents...). The directory permissions are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
permissions to the apllication directory.
When i start it from the browser, i get this error:
Server Application Unavailable
The web application you are attempting to access on this web server is
currently unavailable. Please hit the "Refresh" button in your web browser to retry your request.

Administrator Note: An error message detailing the cause of this specific request failure can be found in the application event log of the web server. Please review this log entry to discover what caused this error to occur.
The application event log tells this:

Failed to execute the request because the ASP.NET process identity does not have read permissions to the global assembly cache. Error: 0x80070005 Access is denied.

and this:

Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc

Exception: System.IO.FileLoadException

Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
dependencies. Access is denied.

StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
String codeBase, Evidence assemblySecurity, Assembly locationHint,
StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
forIntrospection)

Thanks for help

Casper

I'm running on windows 2000 sp4 and it's also the domain-controller.
it tells me that the current account ASP.NET is
running as IWAM_myserver.
Running a web server on a domain controller is a very
unusual situation because it opens up security considerations.

You should, generally, avoid running a web server on a domain controller.

If you do, you should create a weaker account to run the webserver as.

Read : "How To: Create a Custom Account to Run ASP.NET 1.1"
http://msdn.microsoft.com/library/de...secnetht01.asp

The instructions are, basically, the same as for ASP.NET 2.0...

You might also want to read "How To Create a Service Account for an ASP.NET 2.0 Application"

http://msdn.microsoft.com/library/de...aght000009.asp

Although the instructions are for Windows Server 2003, just disregard the
instructions regarding the Application Pools. The rest is the same for both OS's.

re: So i granted it the permissions and it works.
Glad that you're running again !

However, you should either

1. not run the web server in your domain controller
2. if that's impossible, create a weaker account per the instructions above.

Good luck!


Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message news:uy**************@TK2MSFTNGP04.phx.gbl... Hi, thanks for replying.

I'm running on windows 2000 sp4 and it's also the domain-controller. I ran
your identity.aspx and it tells me that the current account ASP.NET is
running as IWAM_myserver.
So i granted it the permissions and it works. Strange, because i can read in directory security of IIS: username (for
anonymous access) is IUSR_myserver. And more, in my list of accounts, the
only new accounts i have after installing asp.net are three sqlserver2005
accounts, but no asp or netwoek service...

"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:Ob**************@TK2MSFTNGP02.phx.gbl...

IUSR_MYSERVER is not the usual identity ASP.NET runs as.

If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.

If you're running on Windows Server 2003, the account which needs

permissions is

MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.

Try granting access permissions to the appropiate account, as outlined

above.

If you are still having problems after that, and you're impersonating some

account,

save this code as "identity.aspx" and run it :

identity.aspx
========

<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======

That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.


Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message

news:e%****************@TK2MSFTNGP05.phx.gbl...

> Hi,
>
> I created an asp.net 2.0 website with VWD and made it an application in IIS. > It was created on a ntfs disc (my documents...). The directory permissions > are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
> permissions to the apllication directory.
>
>
> When i start it from the browser, i get this error:
> Server Application Unavailable
> The web application you are attempting to access on this web server is
> currently unavailable. Please hit the "Refresh" button in your web browser > to retry your request.
>
> Administrator Note: An error message detailing the cause of this specific > request failure can be found in the application event log of the web server. > Please review this log entry to discover what caused this error to occur. >
> The application event log tells this:
>
> Failed to execute the request because the ASP.NET process identity does not > have read permissions to the global assembly cache. Error: 0x80070005 Access > is denied.
>
> and this:
>
> Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
>
> Exception: System.IO.FileLoadException
>
> Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
> Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
> dependencies. Access is denied.
>
> StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
> String codeBase, Evidence assemblySecurity, Assembly locationHint,
> StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
> forIntrospection)
>
> Thanks for help
>
> Casper
>
>
>
>

re:

I'm running on windows 2000 sp4 and it's also the domain-controller.
it tells me that the current account ASP.NET is
running as IWAM_myserver.
Running a web server on a domain controller is a very
unusual situation because it opens up security considerations.

You should, generally, avoid running a web server on a domain controller.

If you do, you should create a weaker account to run the webserver as.

Read : "How To: Create a Custom Account to Run ASP.NET 1.1"

http://msdn.microsoft.com/library/de...secnetht01.asp
The instructions are, basically, the same as for ASP.NET 2.0...

You might also want to read "How To Create a Service Account for an ASP.NET 2.0 Application"
http://msdn.microsoft.com/library/de...aght000009.asp
Although the instructions are for Windows Server 2003, just disregard the
instructions regarding the Application Pools. The rest is the same for both OS's.
re:

So i granted it the permissions and it works.
Glad that you're running again !

However, you should either

1. not run the web server in your domain controller
2. if that's impossible, create a weaker account per the instructions

above.
Good luck!


Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message

Hi, thanks for replying.

I'm running on windows 2000 sp4 and it's also the domain-controller. I ran your identity.aspx and it tells me that the current account ASP.NET is
running as IWAM_myserver.
So i granted it the permissions and it works.

Strange, because i can read in directory security of IIS: username (for
anonymous access) is IUSR_myserver. And more, in my list of accounts, the only new accounts i have after installing asp.net are three sqlserver2005 accounts, but no asp or netwoek service...

"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:Ob**************@TK2MSFTNGP02.phx.gbl...

IUSR_MYSERVER is not the usual identity ASP.NET runs as.

If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.

If you're running on Windows Server 2003, the account which needs

permissions is

MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.

Try granting access permissions to the appropiate account, as outlined

above.

If you are still having problems after that, and you're impersonating some

account,

save this code as "identity.aspx" and run it :

identity.aspx
========

<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======

That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.


Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message

news:e%****************@TK2MSFTNGP05.phx.gbl...

> Hi,
>
> I created an asp.net 2.0 website with VWD and made it an application

in IIS.

> It was created on a ntfs disc (my documents...). The directory

permissions

> are set on 'anonymous allowed' using IUSR_MYSERVER, which has

read/list > permissions to the apllication directory.
>
>
> When i start it from the browser, i get this error:
> Server Application Unavailable
> The web application you are attempting to access on this web server is > currently unavailable. Please hit the "Refresh" button in your web

browser

> to retry your request.
>
> Administrator Note: An error message detailing the cause of this

specific

> request failure can be found in the application event log of the web

server.

> Please review this log entry to discover what caused this error to

occur.

>
> The application event log tells this:
>
> Failed to execute the request because the ASP.NET process identity does not

> have read permissions to the global assembly cache. Error: 0x80070005

Access

> is denied.
>
> and this:
>
> Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
>
> Exception: System.IO.FileLoadException
>
> Message: Could not load file or assembly 'System.Web,

Version=2.0.0.0, > Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
> dependencies. Access is denied.
>
> StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName, > String codeBase, Evidence assemblySecurity, Assembly locationHint,
> StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
> forIntrospection)
>
> Thanks for help
>
> Casper
>
>
>
>