Allowing Access To Outlook Interop In Web Forms Project

Question

I am having a problem with IIS permissions and Microsoft's Outlook 2010 interop assembly using a web forms project.

I created a proof of concept project to make sure I could use Microsoft's Outlook interop assembly in a particular the situation I am tasked with. The demo project worked great and I had no problems. Now I am trying to integrate it into our main project and I am running into an IIS permission issue. I have my web site running in IIS 7 locally. In IIS Manager, I click on Application Pools -> My Web Site -> Advanced Settings. In this window, I have a custom Identity called "fileshare" with a password ("fileshare" was create to secure access to the web site's images, pdf files, etc. on a development network server). I copied the outlook interop assembly into our common shared assemblies folder instead of referencing it from the GAC. I gave the assembly all permissions for IUSER, NETWORK SERVICE, IIS_WPG, ASP.NET and fileshare. I get the following run- time error:

Retrieving the COM class factory for component with CLSID {0006F03A-0000-0000-
C000-000000000046} failed due to the following error: 80070005 Access is denied.
(Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)). Description: An unhandled
exception occurred during the execution of the current web request. Please
review the stack trace for more information about the error and where it
originated in the code.

Exception Details: System.UnauthorizedAccessException: Retrieving the COM class
factory for component with CLSID {0006F03A-0000-0000- C000-000000000046} failed
due to the following error: 80070005 Access is denied. (Exception from HRESULT:
0x80070005 (E_ACCESSDENIED)).

ASP.NET is not authorized to access the requested resource. Consider granting
access rights to the resource to the ASP.NET request identity. ASP.NET has a
base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on
IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that
is used if the application is not impersonating. If the application is
impersonating via <identity impersonate="true"/>, the identity will be the
anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer, choose
"Properties" and select the Security tab. Click "Add" to add the appropriate
user or group. Highlight the ASP.NET account, and check the boxes for the
desired access.

I checked the windows event logs and under Windows Logs -> System and I have this error:

The machine-default permission settings do not grant Local Activation permission
for the COM Server application with CLSID {0006F03A-0000-0000-
C000-000000000046} and APPID Unavailable to the user BSoup\fileshare SID
(S-1-5-21-2999627215-1482540357-33300828-1019) from address LocalHost (Using
LRPC). This security permission can be modified using the Component Services
administrative tool.

Answer 1

• Start Internet Information Services (IIS).
• Right-click your application's virtual directory, and then click Properties.
• Click the Directory Security tab. Under Anonymous access and authentication control, click Edit.
• Make sure the Anonymous access check box is not selected and that Integrated Windows authentication is the only selected check box.

• Configure ASP.NET to use Windows authentication with impersonation, use the following configuration in WebConfig.

   <system.web> <authentication mode="Windows"/> <identity impersonate="true"/> </system.web> 

Answer 2

After doing a bit more research, I've decided that using the interop assembly is a bad choice. As Alexi stated, it's not for use over the network.