« Previous Next »

• 07-21-2009, 8:16 AM

  In reply to

  qbernard Joined on 03-25-2003, 10:12 PM Malaysia Posts 3,183	Re: Cannot verfy access to path Reply Contact what error msgs? during runtime or verification? pls be more specific Cheers, Bernard Cheah

• 09-13-2009, 11:57 PM

  In reply to

  virshu Joined on 12-10-2006, 5:29 PM Posts 5

  Re: Cannot verfy access to path Reply Contact Unfortunately, I am trying to follow the advice in this thread and I am lost. I first got a problem that I don't get anything from my C# statement s = User.Identity.Name. AuthenticationType is empty, IsAuthenticated is false, and Name is also empty. Note, that I am getting everything populated correctly when I am running through VStudio (name returns machine\userid); so my debugging options are quite limited (Console.Write always works, of course :) After some tinkering, I suspect that the root cause for my code problem and for the problem discussed here is the same - or at least I was trying to fix this problem first and see if it helps. As suggested, I was looking for the domain\servername$ and I don't see such account. Can it be invisible or somehow hidden from my naked eye? So, I tried to reproduce it on my local machine (standalone server, running IIS7). I have the same problem, and I tried to give NetworkService the rights on the directory - but I am still getting the same problem, and I am still not getting User.Identity. did I misread the advice? Thank you UPDATE: I did get it working on localhost (kinda). When I disabled Anonymous Authentication (leaving only Windows Authentication), I got an authentication popup (HTTP 401 Challenge). I would prefer to get windows authentication, since I logged in, but that's a different issue. So, while I am still curious, how to solve the problem described in this thread - I think my problem (with User.Identity) is unrelated to this.

• 09-20-2009, 2:55 PM

  In reply to

  e1ny Joined on 12-10-2007, 9:50 PM Posts 188

  Re: Cannot verfy access to path Reply Contact I'm coming into this thread late, but have had the same problem off and on over the past 12 months, and think I have solved it. For people with domains, or even people without, server 2008 has a couple of different users/groups that represent the anonymous web user, and they're not always granted access by default to folders, even those in "wwwroot". I'm not sure I've ID'd the correct circumstances under which folders do not inherit permissions properly, but I have noticed this: On a standalone 2008 server, when creating a new folder in Windows Explorer, and then making it the root of a web in IIS Manager, IIS adds the "IIS_IUSRS" AD security group to the folder with "read/execute" permissions. The local IUSR account on the server, however, may not be a member of this group by default, and if this is the case, then the web will exhibit all the permissions errors described in this thread, and browsing the web will return a "401 unauthorized". I leave it the forum gurus to explain the relationship between "IIS_iUSRS" and the local "IUSR" account and under what circumstances this will occur. Anyway, I found that granting explicit read/execute permissions to the local IUSR account (by adding it under the folder's security tab in folder properties), will fix the problem, as intuitively it should. I presume that adding it to the "IIS_USRS" group in Active Directory would have the same effect, since that group is granted permissions on the folder when it's made the root of a web in IIS Manager.  That's my empiric experience...hopefully someone can explain what is the "root" issue of the problem.

• 10-02-2009, 6:31 PM

  In reply to

  drummelhart Joined on 10-01-2009, 2:00 PM Posts 28

  Re: Cannot verfy access to path Reply Contact  so you are stating that I need to add IUSR to the IUSR Roles, not just domain admins, as well as the domain admins names?   This does not make sense! Why the harsh change in security. That leads to the next question of what all steps need to be completely completed before I can access a application via the local host without receiving you are not a part of a windows user group.......error.     What else am I missing?

• 10-03-2009, 6:00 AM

  In reply to

  e1ny Joined on 12-10-2007, 9:50 PM Posts 188

  Re: Cannot verfy access to path Reply Contact drummelhart:  so you are stating that I need to add IUSR to the IUSR Roles, not just domain admins, as well as the domain admins names?   This does not make sense! Why the harsh change in security. That leads to the next question of what all steps need to be completely completed before I can access a application via the local host without receiving you are not a part of a windows user group.......error.     What else am I missing? I'm sorry if you don't like my answer, drummelhart...it's just what worked for me (g). Did you try granting the local IUSR explicit access to the folder? I agree that this is probably the wrong way/brute force method to make it work, and there may be some other config issue that's not right. I was just desperate to get it working and found something that worked.

• 10-05-2009, 12:36 PM

  In reply to

  drummelhart Joined on 10-01-2009, 2:00 PM Posts 28

  Re: Cannot verfy access to path Reply Contact  Yes I did grant IUSR (now that there is no IUSR_machine name) access to the inetpub folder which carries to all other existing sites. There is no change. I am still receiving:     The system could not authorize you for access. Your Windows User Account is not a member of any Windows Group granted access to this site. Please contact the site administrator for assistance.