Thursday, May 06, 2004

Things I've learned about ASPNET (the local user account for ASP.NET)

Well, I have been trying to track down an incredibly irritating issue with my ASP.NET v1.1 code not running on one of our W2K (Windows 2000) servers. I think the root cause of it all has to do with the fact that this box runs OWA (Outlook Web Access) and OWA doesn't play well with others. So here is the rundown. In machine.config, in the processModel node, where userName says "machine", it is using the ASPNET local user. For the most part this user has access to everything it needs because it is in the Users group. (I know, a user in the Users group... a little redundant.) However, there are some instances, depending on patches and service packs, where this user doesn't get the correct NT user permissions. This table from Microsoft really helped.

Table 1. Required NTFS permissions

| Folder | Required Permission | Account | Comments |
| --- | --- | --- | --- |
| `C:\WINNT\Microsoft.NET\Framework\<version>\Temporary ASP.NET Files` | Full Control | Process and fixed impersonation accounts | This is the ASP.NET dynamic compilation location. Application code is generated in a discrete directory for each application beneath this folder. The tempdir attribute on the `<compilation>` element can be used to change this default location. |
| `C:\WINNT\temp` | Read/Write/Delete | Process | Location used by Web services to generate serialization proxies. Note that the Delete permission is set using the Advanced button on the Security page of the Windows Explorer folder properties dialog box. |
| Application folder | Read | Process | The location of your Web application files (that is, your application's virtual root directory: for example, `c:\inetpub\wwwroot\webapp1`). By default, the Users group has the appropriate access rights. |
| %installroot% hierarchy (`C:\WINNT\Microsoft.Net\Framework\v1.0.3705`) | Read | Process and fixed impersonation accounts | ASP.NET must be able to access .NET Framework assemblies. By default, the Users group has the appropriate access rights. |
| `C:\WINNT\assembly` | Read | Process and fixed impersonation accounts | This is the global assembly cache. You cannot directly use Windows Explorer to edit ACLs for this folder. Instead, use a command window and run the following command: `cacls %windir%\assembly /e /t /p domain\useraccount:R` Alternatively, prior to using Windows Explorer, unregister shfusion.dll with the following command: `regsvr32 -u shfusion.dll` After setting permissions with Windows Explorer, re-register shfusion.dll with the following command: `regsvr32 shfusion.dll` |
| Web site root: `C:\inetpub\wwwroot` or the path that the default Web site points to | Read | Process | ASP.NET reads configuration files and monitors for file changes in this folder. |
| `C:\WINNT\system32` | Read | Process | For system DLLs loaded by the Framework. |
| Parent directories of context | List Folder/Read | Process | For file change notifications and the C# compiler. |
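
One way to check a server against the table above, as an added example that is not part of the original post or of Microsoft's documentation: the Python below parses saved `cacls` output and reports which required rights the ASPNET account is missing. It assumes the usual `cacls` listing layout, treats `BUILTIN\Users` and `Everyone` as the groups ASPNET inherits access from, uses the v1.0.3705 path shown in the table, and runs on a constructed sample with a made-up host name `WEB01`.

```python
import re
# Table 1 rights for its concrete paths, as cacls letters (R, C=Change, F=Full).
REQUIRED = {
    r"C:\WINNT\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files": "F",
    r"C:\WINNT\temp": "C",
    r"C:\WINNT\assembly": "R",
    r"C:\inetpub\wwwroot": "R",
}
# What each cacls letter grants: r=read, w=write, d=delete, f=full control.
GRANTS = {"N": "", "R": "r", "W": "w", "C": "rwd", "F": "rwdf"}
ACE = re.compile(r"^(?P<who>[^:]+):(?P<flags>(?:\([A-Z]+\))*)(?P<right>[NRWCF])$")

# Constructed sample of cacls output; the host name WEB01 is made up.
SAMPLE = r"""
C:\WINNT\temp BUILTIN\Administrators:(OI)(CI)F
              BUILTIN\Users:(OI)(CI)R
C:\WINNT\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files BUILTIN\Administrators:(OI)(CI)F
              WEB01\ASPNET:(OI)(CI)F
C:\WINNT\assembly BUILTIN\Administrators:(OI)(CI)F
                  BUILTIN\Users:(OI)(CI)(IO)R
C:\inetpub\wwwroot Everyone:(OI)(CI)R
"""

def parse_cacls(text, paths):
    """Return {path: [(account, flags, right), ...]} for the listed paths."""
    acls, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace():  # header line: "<path> <first ACE>"
            current = next((p for p in paths
                            if line.lower().startswith(p.lower() + " ")), None)
            if current:
                acls[current], line = [], line[len(current):]
        m = ACE.match(line.strip())
        if m and current:  # "special access" ACEs do not match: review by hand
            acls[current].append((m["who"].upper(), m["flags"], m["right"]))
    return acls

def audit(text, account, required=REQUIRED):
    """Return {path: missing rights} for the account, Users and Everyone."""
    principals = {account.upper(), r"BUILTIN\USERS", "EVERYONE"}
    acls, findings = parse_cacls(text, required), {}
    for path, need in required.items():
        have = set()
        for who, flags, right in acls.get(path, []):
            if who in principals and "(IO)" not in flags:  # IO: children only
                have |= set(GRANTS[right])
        if set(GRANTS[need]) - have:
            findings[path] = sorted(set(GRANTS[need]) - have)
    return findings
```

On the sample, `audit(SAMPLE, r"WEB01\ASPNET")` flags `C:\WINNT\temp` (read only, no write or delete) and `C:\WINNT\assembly` (the only Users entry is inherit-only, so it does not apply to the folder itself).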
