Home
ASP.NET Forums » General ASP.NET » Installation and Setup » ASP.NET 2.0 on network share

ASP.NET 2.0 on network share

Last post 05-29-2006 5:17 AM by sergey_okhotny. 11 replies.

Sort Posts:

  • ASP.NET 2.0 on network share

    05-18-2006, 3:17 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    Is there some how-to to make asp.net 2.0 web projects run on network share (storing web site files on network share).
    I constantly getting Server Application Unavailable.
    In event viewer I two errors.
    First: Failed to execute request because the App-Domain could not be created. Error: 0x80070005 Access is denied.
    Second: Failed to initialize the AppDomain:/LM/W3SVC/1121149571/Root
    Exception: System.IO.FileLoadException
    Message: Could not load file or assembly 'System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is denied.
    StackTrace:    at System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)
       at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
       at System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
       at System.Activator.CreateInstance(String assemblyName, String typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, Evidence securityInfo, StackCrawlMark& stackMark)
       at System.Activator.CreateInstance(String assemblyName, String typeName)
       at System.AppDomain.CreateInstance(String assemblyName, String typeName)
       at System.AppDomain.CreateInstance(String assemblyName, String typeName)
       at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironment(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
       at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironmentAndReportErrors(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    I understand, that it is security problem. But website is running under domain account, which has access to folder, identity impersonate set to true. This always worked fine to asp.net 1 projects, but for framework 2 does not.
    PLEASE, HELP...I'm out of ideas.

  • Re: ASP.NET 2.0 on network share

    05-18-2006, 3:41 PM

    UNC path or shared drive?  ASP.NET process acoount has access?

    Jeff

    Please: Don't forget to click "Mark as Answer" on the post that helped you. That way future readers will know which post solved your issue.

  • Re: ASP.NET 2.0 on network share

    05-19-2006, 5:35 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    It is UNC path (DFS).
    No, local ASP.NET process account does not have access? Should I give it? <identity impersonate> does not work any more on .net 2.0?

  • Re: ASP.NET 2.0 on network share

    05-19-2006, 9:55 AM

    The application pool runs under its own identity, and is the account that needs access.  I believe Server 2003 SP1 tightend some security on impersonated access, though for the life of me I can't find a KB article or reference to that effect.  Many organizations will set the app pool identity to a domain account for this type of access, the normal NETWORK SERVICE identity is a local account.  Creating a domain account for this and adding it to the local IIS_WPG group makes connections between systems easier.

    Jeff

    Please: Don't forget to click "Mark as Answer" on the post that helped you. That way future readers will know which post solved your issue.

  • Re: ASP.NET 2.0 on network share

    05-22-2006, 5:27 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    Started website's application pool under domain account, added domain account to IIS_PWG.
    Error changed to another one:

    Security Exception

    Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

    Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace: 

    [SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
       System.Reflection.Assembly.GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
       System.Web.UI.TemplateParser.GetType(String typeName, Boolean ignoreCase, Boolean throwOnError) +270
       System.Web.UI.TemplateParser.ProcessInheritsAttribute(String baseTypeName, String codeFileBaseTypeName, String src, Assembly assembly) +163
       System.Web.UI.TemplateParser.PostProcessMainDirectiveAttributes(IDictionary parseData) +192

  • Re: ASP.NET 2.0 on network share

    05-22-2006, 7:02 AM

    Did you look at the trust levels?

    Jeff

    Please: Don't forget to click "Mark as Answer" on the post that helped you. That way future readers will know which post solved your issue.

  • Re: ASP.NET 2.0 on network share

    05-22-2006, 4:37 PM
    • Loading...
    • DrewTheRat
    • Joined on 05-22-2006, 8:33 PM
    • New Jersey
    • Posts 7

    You are not alone. I'm getting this same error....

    I created the user, made it the Application Pool user, added it to IIS_IPG.

    I confirmed it has permission to the share.

    I ran aspnet_regiis -ga <user> with the user.

    I configured the virtual directory in IIS to use the share.

    I tried impersonating the user in my web.config.

    I'm at a loss.

    -Drew

    "That's AC current for ya!"

  • Re: ASP.NET 2.0 on network share

    05-22-2006, 5:49 PM
    • Loading...
    • DrewTheRat
    • Joined on 05-22-2006, 8:33 PM
    • New Jersey
    • Posts 7

    I figured it out. It was a trust issue. I fixed the problem (for now) by adding a new code group to the Machine Runtime Security Policy. This blog post helped me:

    http://blogs.msdn.com/shawnfa/archive/2003/06/20/57023.aspx

    Here are the steps I used:

    1. Run mscorcfg.msc.
    2. Go to:
           .Net Framework 2.0 Configuration
                 My Computer
                      Runtime Security Policy
                             Machine
                                Code Groups
                                    All_Code
    3. Right-click All_Code and select "New..."
    4. Give it some name and click Next.
    5. For the condition, choose "URL" and enter "\\<server>\<share>\*" for the URL. Click Next.
    6. Select the "Full Trust" Permission Set. Click Next then Finish.

    As the article I link to notes, it's better to use strongly named assemblies and do your trust that way. I'll get there, but this solved it in the meantime.

    Note, mscorcfg.msc is not in the .NET 2.0 redistributable (as it had bin in 1.x). You need to install the SDK.

    -Drew

    "That's AC current for ya!"

  • Re: ASP.NET 2.0 on network share

    05-23-2006, 5:30 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    I think, this is the second step of solution, but by default installation mscorcfg.msc is not installed for .Net Framework 2.0 configuration. They says that this snap-in comes with SDK. I'll confirm if it will help, when my administrator will install it on my server.
    DrewTheRat:

    I figured it out. It was a trust issue. I fixed the problem (for now) by adding a new code group to the Machine Runtime Security Policy. This blog post helped me:

    http://blogs.msdn.com/shawnfa/archive/2003/06/20/57023.aspx

    Here are the steps I used:

    1. Run mscorcfg.msc.
    2. Go to:
           .Net Framework 2.0 Configuration
                 My Computer
                      Runtime Security Policy
                             Machine
                                Code Groups
                                    All_Code
    3. Right-click All_Code and select "New..."
    4. Give it some name and click Next.
    5. For the condition, choose "URL" and enter "\\<server>\<share>\*" for the URL. Click Next.
    6. Select the "Full Trust" Permission Set. Click Next then Finish.

    As the article I link to notes, it's better to use strongly named assemblies and do your trust that way. I'll get there, but this solved it in the meantime.

    Note, mscorcfg.msc is not in the .NET 2.0 redistributable (as it had bin in 1.x). You need to install the SDK.

  • Re: ASP.NET 2.0 on network share

    05-23-2006, 10:15 AM
    • Loading...
    • DrewTheRat
    • Joined on 05-22-2006, 8:33 PM
    • New Jersey
    • Posts 7

    It is definitely in the SDK. I discovered this yesterday when I tried to edit the security policy.

    -Drew

    "That's AC current for ya!"

  • Re: ASP.NET 2.0 on network share

    05-23-2006, 10:33 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    Any tips in moving this snap-in to server without installing full SDK?
    tried to copy mscorcfg.msc, mscorcfg.dll, and registered mscormmc.dll. No luck, failing with strange error about wrong framework installed :(

  • Re: ASP.NET 2.0 on network share

    05-29-2006, 5:17 AM
    • Loading...
    • sergey_okhotny
    • Joined on 12-21-2005, 11:34 AM
    • Kyiv, Ukraine
    • Posts 26
    Ok, here is how it worked for me:
    1. Configured identity of application pool to run under specific domain account
    2. Added this account to local IIS_PWG group
    3. using capscol added server share to trusted zone
        caspol -m -ag groupbname -url file://\\\servername\servershare\* FullTrust
Page 1 of 1 (12 items)
RSS Available

Advertise on ASP.NET

About this Site

Microsoft Communities
Page view counter