Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: IIS7 security
A customer of ours has given us 2 virtual machines and a shared folder on a different machine that I don't have access to. I want to access the shared folder from an IIS 7 application that runs on the virtual machines.
 
When I log onto the virtual machines I use the user "XXX\aaa".
 
The web application runs in its own App Pool and that App Pool has been given the Identity "XXX\aaa". I can modify the permissions on the shared folder and have added "XXX\aaa" as having full control of the shared folder.
 
The IIS application gets "Access to path \\sharded\folder is denied".
 
From either of the virtual machines, I can added folders and files to the shared drive. I can also do this with an console application.
 
However, if I create a shared folder on one of the virtual machines and point the other virtual machine to use the first, I am successful - even though "XXX\aaa" has not been added to the security. FYI: however, Administrators is in the security, but "Administrators" is not available on the shared folder. I presume "XXX\aaa" is part of the "Administrators" group and that is why it succeeds. I can't add "Administrators" to the shared folder, but I would assume that adding "XXX\aaa" would suffice.
 
I want to be able to go back to the customer and explain what needs to be done, but I don't have a clue!
Posted 19-Jun-13 12:06pm
Ger2001495
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Your IIS user does not have permission. The error means what it says.
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

IIS can be a bit confusing when it comes to figuring out what accounts your application is running under and setting up the correct security for shared folders. Once you know what account the app is running under (and that is the account trying to access your shared folder) it is pretty simple.
 
Where I work, we have a few web apps that need to access files on a shared folder also. Using IIS 7, by default i believe the apps will run under \iis_iusrs account. Our shared folders are setup to give that account permission to read/write. (you will need to set the share permissions and also the NTFS permissions. So, when looking at the folders properties, there is a sharing tab. Set the permissions there. There is also a security tab. Also set the permissions there.
 
Good luck!
  Permalink  
Comments
Ger2001 at 20-Jun-13 13:38pm
   
Your explanation is valid if the App Pool runs under the "ApplicationPoolIdentity" Identity. In my case I explicitly set it to be the user "XXX\aaa" which should have access to the shared folder.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

Well, I didn't really solve it. Our customer gave me a new user to use and once I set the App Pool identification to the new user, I was able to access the shared folder. So ultimately, it had something to do with the security on the remote system. But its all too confusing to me!
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 4

Set same users in both computers with IIS access, then in IIS, create a virtual directory and introduce logon details (same details) and all should be ok.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web03 | 2.8.1411022.1 | Last Updated 25 Jun 2014
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100