By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,389 Members | 2,070 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,389 IT Pros & Developers. It's quick & easy.

Access Denied

P: 9
I am having an issue and after searching around online for a day and half now and finding others with the same problem but yet no solution to my issue I am looking for help.

What i have is ServerA which is a webserver running Win2k3 with IIS6, my domain account is a local administrator on this machine. The web app I am running is trying to write a file to ServerB which is also a Win2k3 machine. On the folder of the machine I am writing to I have NTFS Full control permissions to both me and the domain account that the IIS App Pool is running as. The IIS App Pool isn't running as Network Services but as a domain account that has administrative rights on ServerA and Full Control on the folder on Server B.

Some background on the webApp, it is a ASP.net 2.0 web page using C#. I have a onclick event that calls a Class passing a String[] Servers and a string Event.
Expand|Select|Wrap|Line Numbers
  1. public string WriteServersToTextFiles(string [] theServerNames, string theServerProdGroup)
  2.  
  3. {
  4.  
  5. //String for the location of the server.txt file
  6.  
  7. string thePath = "";
  8.  
  9. int i;
  10.  
  11. //Pass the patch group into the path
  12.  
  13. thePath = @"\\ServerB\TEST\" + theServerProdGroup + @"\servers.txt";
  14.  
  15. //Check to see if file already exists. If so, call function that makes a backup copy and renames it.
  16.  
  17. if (File.Exists(thePath))
  18.  
  19. {
  20.  
  21. changeFileName(theServerProdGroup);
  22.  
  23. }
  24.  
  25.  
  26. // create a writer and open the file
  27.  
  28. TextWriter tw = new StreamWriter(thePath);
  29.  
  30. // Write server names to the file
  31.  
  32. for (i = 0; i < theServerNames.Length; i++)
  33.  
  34. {
  35.  
  36. tw.WriteLine(theServerNames[i].ToString());
  37.  
  38. }
  39.  
  40.  
  41. // close the stream
  42.  
  43. tw.Close();
  44.  
  45. //Call method, and return a string which confirms file was written successfully, or returns an error stating otherwise
  46.  
  47. return confirmTextFilesWereWritten(theServerNames, theServerProdGroup); 
  48.  
  49. private void changeFileName(string theServerProdGroup)
  50.  
  51. {
  52.  
  53. //Create DateTime object that stores current date and time
  54.  
  55. DateTime currentDate = DateTime.Now;
  56.  
  57. //http://msdn2.microsoft.com/en-us/library/8kb3ddd4.aspx
  58.  
  59. string newFileName = currentDate.ToString("yyyyMMddHHmmss") + "_servers.txt";
  60.  
  61. //Change file name
  62.  
  63. File.Move(@"\\ServerB\TEST\" + theServerProdGroup + 
  64.  
  65. @"\servers.txt", @"\\ServerB\TEST\" + theServerProdGroup + @"\" + newFileName);
  66.  
  67. }
  68.  
When I run this WebApp as Localhost from ServerA everything works like it should and is great, however when I run the WebApp from my WinXP machine and I click the button to generate the text files I get prompted to login to ServerA even though the file is being wrote to ServerB. In my web.config I do have impersonate set to true as I need to for security reasons. No matter what account I try to use I get the following error.

Access to the path '\\ServerB\TEST\Dev2_2000-0400\servers.txt' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path '\\ServerB\TEST\Dev2_2000-0400\servers.txt' is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

Source Error:

Line 72:
Line 73: // create a writer and open the file
Line 74: TextWriter tw = new StreamWriter(thePath);
Line 75:
Line 76: // Write server names to the file


Source File: c:\Inetpub\wwwroot\WSIHarvester\App_Code\ServersTe xtFileWriter.cs Line: 74

Stack Trace:

[UnauthorizedAccessException: Access to the path '\\ServerB\TEST\Dev2_2000-0400\servers.txt' is denied.]
System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) +2013027
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) +998
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) +115
System.IO.StreamWriter.CreateFile(String path, Boolean append) +58
System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) +91
System.IO.StreamWriter..ctor(String path) +27
ServersTextFileWriter.WriteServersToTextFiles(Stri ng[] theServerNames, String theServerProdGroup) in c:\Inetpub\wwwroot\WSIHarvester\App_Code\ServersTe xtFileWriter.cs:74
Generate_Patch_Group_Text_Files.getPatchGroups_Cli ck(Object sender, EventArgs e) in c:\Inetpub\wwwroot\WSIHarvester\Generate_Patch_Gro up_Text_Files.aspx.cs:72
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String eventArgument) +107
System.Web.UI.WebControls.Button.System.Web.UI.IPo stBackEventHandler.RaisePostBackEvent(String eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5102

Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
When this happens the event log for ServerA has a Application Event of

Event Type: Information
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1314
Date: 1/11/2007
Time: 8:38:39 AM
User: N/A
Computer: ServerA
Description:
Event code: 4011
Event message: An unhandled access exception has occurred.
Event time: 1/11/2007 8:38:39 AM
Event time (UTC): 1/11/2007 1:38:39 PM
Event ID: 1313c5a9caa548e0a681ca9502a48d28
Event sequence: 136
Event occurrence: 1
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/1/Root/WSIHarvester-1-128129961851916396
Trust level: Full
Application Virtual Path: /WSIHarvester
Application Path: C:\Inetpub\wwwroot\WSIHarvester\
Machine name: ServerA

Process information:
Process ID: 2576
Process name: w3wp.exe
Account name: Domain\ASPuserAccount

Request information:
Request URL: http://ServerA/WSIHarvester/SchemeCurrent.aspx
Request path: /WSIHarvester/SchemeCurrent.aspx
User host address: 192.168.14.96
User: Domain\MyUserName
Is authenticated: True
Authentication Type: Negotiate
Thread account name: Domain\ASPuserAccountASPuserAccount

Custom event details:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
And Also Security Events of

Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 576
Date: 1/11/2007
Time: 8:38:42 AM
User: Domain\MyUserName
Computer: ServerA
Description:
Special privileges assigned to new logon:
User Name: MyUserName
Domain: Domain
Logon ID: (0x0,0xE5170)
Privileges: SeSecurityPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeTakeOwnershipPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeLoadDriverPrivilege
SeImpersonatePrivilege

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 540
Date: 1/11/2007
Time: 8:38:42 AM
User: Domain\MyUserName
Computer: ServerA
Description:
Successful Network Logon:
User Name: MyUserName
Domain: Domain
Logon ID: (0x0,0xE5170)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: MyWinXPMachine
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 192.168.14.96
Source Port: 4762

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I am at my wits end on how to solve this Issue. Any Help would greatly be appreciated. Also if you need to know any more information feel free to ask.
Jan 11 '07 #1
Share this Question
Share on Google+
1 Reply


kenobewan
Expert 2.5K+
P: 4,871
I believe that the only guaranteed way that you are going to get this to work is to upgrade the XP machine to the same specs as the other machines. I code on an XP and serve to Win Server 2003 test & production machines, so I know where you are coming from.

I would check IIS & .NET versions on all machines, if you can't upgrade the OS at least ensure that these are the same. Its not like the old client-side browser compatability issues where you can serve up different code.

Normally I would say that I hope this helps, but I don't see a solution arising from code for this problem.
Jan 12 '07 #2

Post your reply

Sign in to post your reply or Sign up for a free account.