[英]IIS7 folder permissions for web application
I am using windows authentication without impersonation on my company's intranet website with IIS7.我正在使用 IIS7 在我公司的 Intranet 网站上使用 Windows 身份验证而不进行模拟。
Under IIS7, what account is used to access the folder which contains my web app using these settings?在 IIS7 下,使用这些设置访问包含我的 Web 应用程序的文件夹的帐户是什么?
Would it be IIS_IUSRS?会是 IIS_IUSRS 吗? Or NETWORK SERVICE?还是网络服务? Or another I don't know about?或者另一个我不知道的?
In IIS 7 (not IIS 7.5), sites access files and folders based on the account set on the application pool for the site.在 IIS 7(不是 IIS 7.5)中,站点根据在站点的应用程序池上设置的帐户访问文件和文件夹。 By default, in IIS7, this account is NETWORK SERVICE
.默认情况下,在 IIS7 中,此帐户为NETWORK SERVICE
。
Specify an Identity for an Application Pool (IIS 7) 为应用程序池指定标识 (IIS 7)
In IIS 7.5 (Windows 2008 R2 and Windows 7), the application pools run under the ApplicationPoolIdentity which is created when the application pool starts.在 IIS 7.5(Windows 2008 R2 和 Windows 7)中,应用程序池在应用程序池启动时创建的 ApplicationPoolIdentity 下运行。 If you want to set ACLS for this account, you need to choose IIS AppPool\\ApplicationPoolName
instead of NT Authority\\Network Service
.如果要为此帐户设置ACLS,则需要选择IIS AppPool\\ApplicationPoolName
而不是NT Authority\\Network Service
。
http://forums.iis.net/t/1187650.aspx has the answer. http://forums.iis.net/t/1187650.aspx有答案。 Setting the iis authentication to appliction pool identity will resolve this.将 iis 身份验证设置为应用程序池身份将解决此问题。
In IIS Authentication, Anonymous Authentication was set to "Specific User".在 IIS 身份验证中,匿名身份验证设置为“特定用户”。 When I changed it to Application Pool, I can access the site.当我将其更改为应用程序池时,我可以访问该站点。
To set, click on your website in IIS and double-click "Authentication".要设置,请在 IIS 中单击您的网站,然后双击“身份验证”。 Right-click on "Anonymous Authentication" and click "Edit..." option.右键单击“匿名身份验证”,然后单击“编辑...”选项。 Switch from "Specific User" to "Application pool identity".从“特定用户”切换到“应用程序池标识”。 Now you should be able to set file and folder permissions using the IIS AppPool\\{Your App Pool Name}.现在您应该能够使用 IIS AppPool\\{您的应用程序池名称} 设置文件和文件夹权限。
Running IIS 7.5, I had luck adding permissions for the local computer user IUSR .运行 IIS 7.5,我很幸运地为本地计算机用户IUSR添加了权限。 The app pool user didn't work.应用程序池用户不起作用。
If it's any help to anyone, give permission to "IIS_IUSRS" group.如果对任何人有帮助,请授予“IIS_IUSRS”组权限。
Note that if you can't find "IIS_IUSRS", try prepending it with your server's name, like "MySexyServer\\IIS_IUSRS".请注意,如果您找不到“IIS_IUSRS”,请尝试在其前面加上您的服务器名称,例如“MySexyServer\\IIS_IUSRS”。
Worked for me in 30 seconds, short and sweet:在 30 秒内为我工作,简短而甜蜜:
I got to problem this way:我遇到了这样的问题:
-Created console application with C# - 使用 C# 创建控制台应用程序
-This appliaction using createeventsource like this - 使用 createeventsource 这样的应用程序
if(!System.Diagnostics.EventLog.SourceExists(sourceName)) System.Diagnostics.EventLog.CreateEventSource(sourceName,logName); if(!System.Diagnostics.EventLog.SourceExists(sourceName)) System.Diagnostics.EventLog.CreateEventSource(sourceName,logName);
-Build solution and get .exe file - 构建解决方案并获取 .exe 文件
-Run exe as administator.This create log file. - 以管理员身份运行 exe。这将创建日志文件。
NOTE: Dont remember Event viewer must be refresh for see the log.注意:不要记住事件查看器必须刷新才能查看日志。
I hope this solution helps someone :)我希望这个解决方案可以帮助某人:)
Read/Write permission for Web host application using IIS follow following step:-使用 IIS 的 Web 主机应用程序的读/写权限请按照以下步骤操作:-
1)Check the Application pool for the Site 1)检查站点的应用程序池
2)Go to Application Pool and Check the Identity of the Site. 2) 进入应用程序池并检查站点的身份。
3)Explorer the Site and go to the main folder and right-click on that folder. 3)浏览站点并转到主文件夹并右键单击该文件夹。
4)Go to Security Tab and click on the Edit button and then click on the user Identity and below you can see the multiple check box options which you want to provide permission for authenticated users after selecting the check box click on save. 4)转到安全选项卡并单击编辑按钮,然后单击用户身份,在下方您可以看到多个复选框选项,在选中复选框单击保存后,您要为经过身份验证的用户提供权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.