Classic ASP - Permission Denied on file move IIS

I have a bit of an issue with Windows permissions. I have a script (which I didn't write) which uploads a file to a local temp area; the file is then moved and renamed to a UNC share.

I have tried:

Creating one domain user with domain rights, used that in the Connect As and Directory Security - Authentication and also is on the target source as a read/write user. I've logged in to a test server with that user and verified that this user can write to the source location, which it can.

But I get the error message:

    Microsoft VBScript runtime error '800a0046'
    Permission denied
    /Admin/News/insert.asp, line 56

The code in question attempting to perform the move is (although this may not be relevant to a security issue):

    if fileUploaded then
        dim fs, f, savedFileLocation
        set fs = Server.CreateObject("Scripting.FileSystemObject")
        ' Target name: <mapped /Files>\Briefings\DDMMYYYY - <fileName>
        savedFileLocation = server.MapPath("/Files") & "\Briefings\" & right("00" & day(now()),2) & right("00" & month(now()),2) & year(now()) & " - " & fileName
        ' Only move when nothing with that name exists at the target yet
        if not fs.FileExists(savedFileLocation) then
            ' pathToFile is the uploaded file in the local temp area
            set f = fs.GetFile(pathToFile)
            f.Move(savedFileLocation)
        end if
        set f = nothing
        set fs = nothing
    end if

Any pointers would be gratefully acknowledged, I've found the security permissions with IIS a nightmare!

IIS6 supports application pools and you can make application pools run as a named user account rather than IUSR. If you have an AD domain handy then this can be a domain account and the sharing is straightforward. If you are not using an AD domain then you can still work around this -- just create an account with an identical username and password on both boxes and NTLM will automagically work.

It has been a while since I touched IIS6 but I seem to recall that IIS6 ran as NT AUTHORITY\NETWORK SERVICE out of the box. If this is the case and you've got a domain handy you can also give the magical DOMAIN\MACHINENAME$ account permissions and it should also work.

Try to open the IIS properties of this UNC folder/share in your site (my guess is that it is set up as a virtual folder) and see if your user has write permission there. Basically I would rather give write permission to the app pool user instead of creating a new one, but it is your choice, because your app pool for the site will have to run under this user name.

In any case, because the file transfer happens under the app pool user, that is the user whose permissions on both folders (local and UNC share) you need to verify, on each web server if you have a clustered or load-balanced system.
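
A diagnostic page for the checks suggested in the answers above, as an added example that is not code from the question or from any of the posters. It reports which account the ASP thread actually runs as and probes create/delete rights on both folders. `TEMP_DIR` and the `ProbeWrite` helper are assumptions for illustration; the target path reuses the `Server.MapPath("/Files") & "\Briefings"` expression from the question.

```vbscript
<%
Option Explicit
' Added diagnostic page; not part of the original thread.
' TEMP_DIR is a placeholder for wherever the upload component stages files.
Const TEMP_DIR = "C:\path\to\upload\temp"

Dim net, fs, targetDir
Set net = Server.CreateObject("WScript.Network")
Set fs = Server.CreateObject("Scripting.FileSystemObject")
targetDir = Server.MapPath("/Files") & "\Briefings"

' Account the script thread is running as, and the authenticated user (if any).
Response.Write "Thread identity: " & _
    Server.HTMLEncode(net.UserDomain & "\" & net.UserName) & "<br>"
Response.Write "LOGON_USER: " & _
    Server.HTMLEncode(Request.ServerVariables("LOGON_USER")) & "<br>"

' f.Move needs delete rights on the source folder and write rights on the target.
ProbeWrite "temp", TEMP_DIR
ProbeWrite "target", targetDir

' Creates and deletes a probe file in folderPath, reporting any VBScript error.
' Error 70 is the same "Permission denied" shown on the page as 800a0046.
Sub ProbeWrite(label, folderPath)
    Dim probe, ts
    probe = folderPath & "\" & fs.GetTempName()
    On Error Resume Next
    Set ts = fs.CreateTextFile(probe, False)
    If Err.Number <> 0 Then
        Response.Write label & ": create FAILED, error " & Err.Number & _
            " " & Server.HTMLEncode(Err.Description) & "<br>"
        Err.Clear
        Exit Sub
    End If
    ts.Close
    fs.DeleteFile probe
    If Err.Number <> 0 Then
        Response.Write label & ": create OK, delete FAILED, error " & _
            Err.Number & " " & Server.HTMLEncode(Err.Description) & "<br>"
        Err.Clear
    Else
        Response.Write label & ": create and delete OK<br>"
    End If
    On Error GoTo 0
End Sub
%>
```

Request the page once on each web server in the farm and remove it afterwards, since it discloses account names and filesystem paths.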
