|
P: n/a
|
Hi,
I created an asp.net 2.0 website with VWD and made it an application in IIS.
It was created on a ntfs disc (my documents...). The directory permissions
are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
permissions to the apllication directory.
When i start it from the browser, i get this error:
Server Application Unavailable
The web application you are attempting to access on this web server is
currently unavailable. Please hit the "Refresh" button in your web browser
to retry your request.
Administrator Note: An error message detailing the cause of this specific
request failure can be found in the application event log of the web server.
Please review this log entry to discover what caused this error to occur.
The application event log tells this:
Failed to execute the request because the ASP.NET process identity does not
have read permissions to the global assembly cache. Error: 0x80070005 Access
is denied.
and this:
Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
Exception: System.IO.FileLoadException
Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
dependencies. Access is denied.
StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
String codeBase, Evidence assemblySecurity, Assembly locationHint,
StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
forIntrospection)
Thanks for help
Casper
| |
Share this Question
|
P: n/a
|
IUSR_MYSERVER is not the usual identity ASP.NET runs as.
If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.
If you're running on Windows Server 2003, the account which needs permissions is
MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.
Try granting access permissions to the appropiate account, as outlined above.
If you are still having problems after that, and you're impersonating some account,
save this code as "identity.aspx" and run it :
identity.aspx
========
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======
That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message news:e%****************@TK2MSFTNGP05.phx.gbl... Hi,
I created an asp.net 2.0 website with VWD and made it an application in IIS.
It was created on a ntfs disc (my documents...). The directory permissions
are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
permissions to the apllication directory.
When i start it from the browser, i get this error:
Server Application Unavailable
The web application you are attempting to access on this web server is
currently unavailable. Please hit the "Refresh" button in your web browser
to retry your request.
Administrator Note: An error message detailing the cause of this specific
request failure can be found in the application event log of the web server.
Please review this log entry to discover what caused this error to occur.
The application event log tells this:
Failed to execute the request because the ASP.NET process identity does not
have read permissions to the global assembly cache. Error: 0x80070005 Access
is denied.
and this:
Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
Exception: System.IO.FileLoadException
Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
dependencies. Access is denied.
StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
String codeBase, Evidence assemblySecurity, Assembly locationHint,
StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
forIntrospection)
Thanks for help
Casper
| |
|
P: n/a
|
Hi, thanks for replying.
I'm running on windows 2000 sp4 and it's also the domain-controller. I ran
your identity.aspx and it tells me that the current account ASP.NET is
running as IWAM_myserver.
So i granted it the permissions and it works.
Strange, because i can read in directory security of IIS: username (for
anonymous access) is IUSR_myserver. And more, in my list of accounts, the
only new accounts i have after installing asp.net are three sqlserver2005
accounts, but no asp or netwoek service...
"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:Ob**************@TK2MSFTNGP02.phx.gbl... IUSR_MYSERVER is not the usual identity ASP.NET runs as.
If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.
If you're running on Windows Server 2003, the account which needs
permissions is MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.
Try granting access permissions to the appropiate account, as outlined
above.
If you are still having problems after that, and you're impersonating some
account, save this code as "identity.aspx" and run it :
identity.aspx
========
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======
That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message
news:e%****************@TK2MSFTNGP05.phx.gbl... Hi,
I created an asp.net 2.0 website with VWD and made it an application in
IIS. It was created on a ntfs disc (my documents...). The directory
permissions are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
permissions to the apllication directory.
When i start it from the browser, i get this error:
Server Application Unavailable
The web application you are attempting to access on this web server is
currently unavailable. Please hit the "Refresh" button in your web
browser to retry your request.
Administrator Note: An error message detailing the cause of this
specific request failure can be found in the application event log of the web
server. Please review this log entry to discover what caused this error to
occur.
The application event log tells this:
Failed to execute the request because the ASP.NET process identity does
not have read permissions to the global assembly cache. Error: 0x80070005
Access is denied.
and this:
Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
Exception: System.IO.FileLoadException
Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
dependencies. Access is denied.
StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
String codeBase, Evidence assemblySecurity, Assembly locationHint,
StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
forIntrospection)
Thanks for help
Casper
| |
|
P: n/a
|
re: I'm running on windows 2000 sp4 and it's also the domain-controller.
it tells me that the current account ASP.NET is
running as IWAM_myserver.
Running a web server on a domain controller is a very
unusual situation because it opens up security considerations.
You should, generally, avoid running a web server on a domain controller.
If you do, you should create a weaker account to run the webserver as.
Read : "How To: Create a Custom Account to Run ASP.NET 1.1"
http://msdn.microsoft.com/library/de...secnetht01.asp
The instructions are, basically, the same as for ASP.NET 2.0...
You might also want to read "How To Create a Service Account for an ASP.NET 2.0 Application"
http://msdn.microsoft.com/library/de...aght000009.asp
Although the instructions are for Windows Server 2003, just disregard the
instructions regarding the Application Pools. The rest is the same for both OS's.
re: So i granted it the permissions and it works.
Glad that you're running again !
However, you should either
1. not run the web server in your domain controller
2. if that's impossible, create a weaker account per the instructions above.
Good luck!
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message news:uy**************@TK2MSFTNGP04.phx.gbl... Hi, thanks for replying.
I'm running on windows 2000 sp4 and it's also the domain-controller. I ran
your identity.aspx and it tells me that the current account ASP.NET is
running as IWAM_myserver.
So i granted it the permissions and it works.
Strange, because i can read in directory security of IIS: username (for
anonymous access) is IUSR_myserver. And more, in my list of accounts, the
only new accounts i have after installing asp.net are three sqlserver2005
accounts, but no asp or netwoek service...
"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:Ob**************@TK2MSFTNGP02.phx.gbl... IUSR_MYSERVER is not the usual identity ASP.NET runs as.
If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.
If you're running on Windows Server 2003, the account which needs
permissions is MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.
Try granting access permissions to the appropiate account, as outlined
above.
If you are still having problems after that, and you're impersonating some
account, save this code as "identity.aspx" and run it :
identity.aspx
========
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======
That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message
news:e%****************@TK2MSFTNGP05.phx.gbl... > Hi,
>
> I created an asp.net 2.0 website with VWD and made it an application in IIS. > It was created on a ntfs disc (my documents...). The directory permissions > are set on 'anonymous allowed' using IUSR_MYSERVER, which has read/list
> permissions to the apllication directory.
>
>
> When i start it from the browser, i get this error:
> Server Application Unavailable
> The web application you are attempting to access on this web server is
> currently unavailable. Please hit the "Refresh" button in your web browser > to retry your request.
>
> Administrator Note: An error message detailing the cause of this specific > request failure can be found in the application event log of the web server. > Please review this log entry to discover what caused this error to occur. >
> The application event log tells this:
>
> Failed to execute the request because the ASP.NET process identity does not > have read permissions to the global assembly cache. Error: 0x80070005 Access > is denied.
>
> and this:
>
> Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
>
> Exception: System.IO.FileLoadException
>
> Message: Could not load file or assembly 'System.Web, Version=2.0.0.0,
> Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
> dependencies. Access is denied.
>
> StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName fileName,
> String codeBase, Evidence assemblySecurity, Assembly locationHint,
> StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
> forIntrospection)
>
> Thanks for help
>
> Casper
>
>
>
>
| |
|
P: n/a
|
Thanks
"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:%2****************@TK2MSFTNGP04.phx.gbl... re: I'm running on windows 2000 sp4 and it's also the domain-controller.
it tells me that the current account ASP.NET is
running as IWAM_myserver.
Running a web server on a domain controller is a very
unusual situation because it opens up security considerations.
You should, generally, avoid running a web server on a domain controller.
If you do, you should create a weaker account to run the webserver as.
Read : "How To: Create a Custom Account to Run ASP.NET 1.1"
http://msdn.microsoft.com/library/de...secnetht01.asp
The instructions are, basically, the same as for ASP.NET 2.0...
You might also want to read "How To Create a Service Account for an
ASP.NET 2.0 Application"
http://msdn.microsoft.com/library/de...aght000009.asp
Although the instructions are for Windows Server 2003, just disregard the
instructions regarding the Application Pools. The rest is the same for
both OS's.
re: So i granted it the permissions and it works.
Glad that you're running again !
However, you should either
1. not run the web server in your domain controller
2. if that's impossible, create a weaker account per the instructions
above.
Good luck!
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message
news:uy**************@TK2MSFTNGP04.phx.gbl... Hi, thanks for replying.
I'm running on windows 2000 sp4 and it's also the domain-controller. I
ran your identity.aspx and it tells me that the current account ASP.NET is
running as IWAM_myserver.
So i granted it the permissions and it works.
Strange, because i can read in directory security of IIS: username (for
anonymous access) is IUSR_myserver. And more, in my list of accounts,
the only new accounts i have after installing asp.net are three
sqlserver2005 accounts, but no asp or netwoek service...
"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:Ob**************@TK2MSFTNGP02.phx.gbl... IUSR_MYSERVER is not the usual identity ASP.NET runs as.
If you're running on Windows XP, the account which needs permissions is
MACHINENAME\ASPNET...even if you're allowing anonymous access.
If you're running on Windows Server 2003, the account which needs
permissions is MACHINENAME\NETWORK SERVICE...even if you're allowing anonymous access.
Try granting access permissions to the appropiate account, as outlined
above.
If you are still having problems after that, and you're impersonating
some account, save this code as "identity.aspx" and run it :
identity.aspx
========
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>WindowsIdentity.GetCurrent.Name()</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
======
That will tell you what the current account ASP.NET is running as.
Then, assign the appropiate permissions to that account.
Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"casper" <no****@dfsdf.nl> wrote in message
news:e%****************@TK2MSFTNGP05.phx.gbl... > Hi,
>
> I created an asp.net 2.0 website with VWD and made it an application
in IIS. > It was created on a ntfs disc (my documents...). The directory
permissions > are set on 'anonymous allowed' using IUSR_MYSERVER, which has
read/list > permissions to the apllication directory.
>
>
> When i start it from the browser, i get this error:
> Server Application Unavailable
> The web application you are attempting to access on this web server
is > currently unavailable. Please hit the "Refresh" button in your web
browser > to retry your request.
>
> Administrator Note: An error message detailing the cause of this
specific > request failure can be found in the application event log of the web
server. > Please review this log entry to discover what caused this error to
occur. >
> The application event log tells this:
>
> Failed to execute the request because the ASP.NET process identity
does not > have read permissions to the global assembly cache. Error: 0x80070005
Access > is denied.
>
> and this:
>
> Failed to initialize the AppDomain:/LM/W3SVC/1/Root/testfromc
>
> Exception: System.IO.FileLoadException
>
> Message: Could not load file or assembly 'System.Web,
Version=2.0.0.0, > Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its
> dependencies. Access is denied.
>
> StackTrace: at System.Reflection.Assembly.nLoad(AssemblyName
fileName, > String codeBase, Evidence assemblySecurity, Assembly locationHint,
> StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean
> forIntrospection)
>
> Thanks for help
>
> Casper
>
>
>
>
| | This discussion thread is closed Replies have been disabled for this discussion. | |  Question stats - viewed: 4490
- replies: 4
- date asked: Apr 23 '06
|
