Previous Next

• 07-29-2008, 4:32 PM

  jrnick Joined on 07-22-2008, 4:37 PM Posts 4

  Can't write session vars unless Anonymous USR is Administrator Reply Contact Hello all, I'm running Windows 2003, IIS6, and the latest PHP.  I recently changed my server's anonymous user back to IUSR_<name of my machine>, the guy before me changed it to something else, but when I changed it back I realized that some of my php login procedures stopped working.  I would log in, but never get past the log in screen.   I found that those login procedures set session variables at the time of successful authentication, and if those variables weren't set then the the site would redirect back to the login page.  After messing around for a while, I found out that if I made IUSR_ a member of the Administrator group that the session variables were then being set and I was able to log in.  As soon as I take IUSR_ out of the administrator group, it doesn't work again.   I don't want to have my anonymous user in the Administrator group for security reasons, does anybody know how the session variables work and if there's a way to have them set without needing the anonymous user to have administrator privileges?

• 07-30-2008, 10:47 AM

  In reply to

  jeff@zina.com Joined on 09-26-2003, 10:43 AM Naples, FL, USA Posts 1,426

  Re: Can't write session vars unless Anonymous USR is Administrator Reply Contact Your IUSR account obviously needs the correct permissions, and running it as an Administrator gives it the correct permissions.  Plus ones you don't want.  You might use Filemon to see what permissions are actually needed. Jeff Look for Wrox's new book Professional IIS 7 in your local bookstore, or order now at Amazon.com

• 07-31-2008, 8:01 PM

  In reply to

  jrnick Joined on 07-22-2008, 4:37 PM Posts 4

  Re: Can't write session vars unless Anonymous USR is Administrator Reply Contact I believe I found a solution. It was indeed an issue with permissions. I found that the guest user (IUSR_) did not have the necessary permissions to read the php.ini file. Without that I suppose it didn't know where to store session data, as the path is specified in php.ini, which prevented the necessary session variables. So when I fixed the permissions everything worked fine. Thanks for the comment.