Last post May 23, 2014 11:21 AM by Siva Krishna Macha
May 23, 2014 06:45 AM|mrast|LINK
I have to de-commsion a 2003 server - and i need to move a particualr internal website over to a server 2008 box - the site runs in .net 1.1 though.
Website runs using app pool identity, and windows auth
I have followed the guide on installing 1.1 on server 2008.
I have added in the IgnorePaths in machine.config
I have added ASP.Net Machine account, APP Pool, IUSR to the Eventlog registry key.
The app pool has modify rights over the sites home directory.
When i hit the site, i login and i then get the following error
The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Requested registry access is not allowed.
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
[SecurityException: Requested registry access is not allowed.]
Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +473
System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly) +295
System.Diagnostics.EventLog.SourceExists(String source, String machineName) +79
System.Diagnostics.EventLog.SourceExists(String source) +11
Intranet.IntranetBas.LogError(String txtMsg) in \\server\wwwroot$\Intranet\IntranetBas.vb:88
Intranet.IntranetBas.GetSettings(ConnectUDT& ConnectSettings) in \\server\wwwroot$\Intranet\IntranetBas.vb:149
Intranet.IntranetBas.ConnStr() in \\server\wwwroot$\Intranet\IntranetBas.vb:172
Intranet.SalesOrderData.GetCustomers(SqlDataReader& drReader) in \\server\wwwroot$\Intranet\SalesOrderData.vb:125
Intranet.SalesOrder.PopCombo() in \\server\wwwroot$\Intranet\SalesOrder.aspx.vb:304
Intranet.SalesOrder.Page_Load(Object sender, EventArgs e) in \\server\wwwroot$\Intranet\SalesOrder.aspx.vb:149
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Page.ProcessRequest(HttpContext context) +18
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
Version Information: Microsoft .NET Framework Version:1.1.4322.2032; ASP.NET Version:1.1.4322.2032
I am at a loss now of where to go from here.
Any suggestions please?
May 23, 2014 06:52 AM|Siva Krishna Macha|LINK
Try this in your web.config under system.web section:
May 23, 2014 09:32 AM|mrast|LINK
Still the same im afraid. :-/
May 23, 2014 11:21 AM|Siva Krishna Macha|LINK
Background of the issue: There is some error thrown from your application and it tries to write the error into the event log (eventviewer - i.e., eventvwr). But there are permission issues to create the eventlog. You may create the appropriate event source
name etc during the installation process or you would also like to create these during the run time if the event source doesn't exist. In your scenario, probably the application is trying search the eventsource if exists before creating the event source.
I could see you have tweaked on the permissions on registry key as well. However, please see if you have changed the identity and switched back to original to make sure the credentials are reloaded and also, try to restart the IIS after these changes are
The complete steps for eventlog permission is as below:
1. in IIS console, go to application pool managing your site, and note the identity running it (usually Network Service) - You might have already done this.
2. make sure this identity can read KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog (rigth-click, authorisations) - You might have done this as well.
3. More importantly: Now change the identity of this application pool to Local System, apply, and switch back to Network Service - Please try this step, if not done already
Credentials will be reloaded and EventLog reacheable
Another good reference:
Hope this helps