Shared Permissions to ASPNET account [Answered]RSS

3 replies

Last post Apr 06, 2011 12:37 PM by HCamper

  • Shared Permissions to ASPNET account

    Apr 06, 2011 12:58 AM|sravanig17|LINK

    We are having fileupload functionality in our application. We need to give

    shared permissions to aspnet account on the folder where we are uploading

    files.

    But, when we tried to give permissions, it suggested below 4 accounts but not

    the ASPNET account:

    ASPNETIE

    ASPNET Wiki Users

    ASPNET Sharepoint Account

    ASPNET CPR


    Please let us know how to give permissions to ASPNET account. Or, is it

    sufficient if we give permissions on ASPNET Sharepoint account


     

  • Re: Shared Permissions to ASPNET account

    Apr 06, 2011 02:46 AM|Mithil|LINK

    In IIS7 there is no ASPNET user as it was in earlier IIS6, you must given write permission to IUSR and IWP user under which website runs.
    Mithil

    Eukhost

  • Re: Shared Permissions to ASPNET account

    Apr 06, 2011 04:25 AM|HCamper|LINK

    Hello,

    FYI The ASPNET account is created and is Used in II 7.0 IIS 7.5  and  is member of the Users group.

    FYI The Users group is the "Standard User Account" which is modeled after "Windows XP Limited" account guidelines.

    The instructions you have posted appear to be missing or assume that IUSR,IIS_USERS

          are already added to the IIS Server and Web Site(s).

    I suggest that you make sure that the IUSR,IIS_USERS exisit and have read,execute,list permissions for the IIS Server & Sites.

    I suggest that the ASPNET account be added to the IIS Server Default Site and have read,execute,list,modify permissions.

    You should check if your IIS Server is set to use "Inherit Settings" for Default Site.

              A)  If the setting is False or No you will have to add the ASPNET

                         account on a per Web Site basis.

              B) If the "Inherit Settings" is True or Yes then the ASPNET will be part of any newly created

                       Web Sites.

    C) The special permissions for ASPNET account to modify files is a requirement for developers to create,maintain,debug Web Projects.

    D) I suggest that you not-escalate the permissions for ASPNET account / user

                     escalation of permissions would be Full permissions. The ASPNET account is considered a "Limited User" with

                      the exception of Modify permissions for Developers.

    E) For your application add the suggested accounts and apply permissions that are considered correct for the program.

    F) Since you will be running an application you need to add all the accounts listed to be part of the Application Pool

          directories & folders the required permissions are read,execute,list.

            You will also need to have special permissions applied to temp folders C:\Windows\Temp and the permissions are

              read,execute,list,write.

                  The special permissions allow for creating temp files when running applications or even

                                      accessing some types of Web Pages.

                   The special permissions should be applied to the Application Pool directories that are C:\User\Application Pool\Temp .

    G) Since your application is going to have file Upload you should create a directory "upload" and add the

                accounts from above items and set the Accounts with permissions of read,execute,list,write so files can be written

               to the selected directory.

    The list of items / tasks may appear to be difficult but just do thing step-by-step and you find it is not so bad.

    I hope this helps,

    Martin

     

    Windows and Linux work Together IT-Pros
    Community Member Award 2011
  • Re: Shared Permissions to ASPNET account

    Apr 06, 2011 12:37 PM|HCamper|LINK

    Hello,

    FYI Here  http://support.microsoft.com/kb/981949/en-us  which are the default Permissions and Settings 

    the Guide for IIS 7.0 permissions settings at Microsoft Support this can be used to set new accounts or servers .

     

    Windows and Linux work Together IT-Pros
    Community Member Award 2011