Updating iis 5 1

Rated 3.87/5 based on 871 customer reviews

I am at a loss on why user cannot access the web site. Hello, You might check this post for Unblocking files of use.

When copying you need to use XCOPY or Robocopy with proper command-line switches so permissions are part of the files.

It is bad to assume that the other Web Sites and folders had "Inherited" permissions. NET4.0E; MS-RTC EA 2; MS-RTC LM 8) 401 3 5 0 2011-08-11 10.1 GET /lnc/ - 80 domain\username 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . This mornings log has these errors: 401.2, 301.0, 401.3 2011-08-12 10.1 GET /lnc - 80 - 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . Look for Authorization Authentication rules and policies they prevent Your Account or others from deploying Applications. In the first post was this guide for Account and User Permissions. I think the missing permissions are for IUSR and IIS_IUSRS for the web.config and maybe more files. In my troubleshooting I have added Authenticated Users with Full Control and Local Service with Read & Exec, List Contents and Read and IUSR with Read & Exec, List Contents and Read. NET4.0E; MS-RTC EA 2; MS-RTC LM 8) 404 0 2 0 ================================================= Process Monitor: ================================================= .4928869 AM w33952 Thread Create SUCCESS Thread ID: 2300 .6354771 AM w33900 Thread Exit SUCCESS Thread ID: 2220, User Time: 0.0000000, Kernel Time: 0.0000000 .5264889 AM w33952 Create File C:\inetpub\wwwroot\app Name SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Attributes: RE, Share Mode: Read, Write, Delete, Allocation Size: n/a, Impersonating: domain\username1, Open Result: Opened .5266079 AM w33952 Query Standard Information File C:\inetpub\wwwroot\app Name SUCCESS Allocation Size: 4,096, End Of File: 4,096, Number Of Links: 1, Delete Pending: False, Directory: True .5266392 AM w33952 Query All Information File C:\inetpub\wwwroot\app Name BUFFER OVERFLOW Creation Time: 9/17/2009 AM, Last Access Time: 8/11/2011 AM, Last Write Time: 8/11/2011 AM, Change Time: 8/11/2011 AM, File Attributes: D, Allocation Size: 4,096, End Of File: 4,096, Number Of Links: 1, Delete Pending: False, Directory: True, Index Number: 0x100000001ae00, Ea Size: 0, Access: Generic Read, Position: 0, Mode: Sequential Access, Alignment Requirement: Byte .5267398 AM w33952 Close File C:\inetpub\wwwroot\app Name SUCCESS .5303880 AM w33952 Create File C:\inetpub\wwwroot\app Name SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, No Buffering, Attributes: RE, Share Mode: Read, Write, Delete, Allocation Size: n/a, Impersonating: domain\username1, Open Result: Opened .5304162 AM w33952 Query All Information File C:\inetpub\wwwroot\app Name BUFFER OVERFLOW Creation Time: 9/17/2009 AM, Last Access Time: 8/11/2011 AM, Last Write Time: 8/11/2011 AM, Change Time: 8/11/2011 AM, File Attributes: D, Allocation Size: 4,096, End Of File: 4,096, Number Of Links: 1, Delete Pending: False, Directory: True, Index Number: 0x100000001ae00, Ea Size: 0, Access: Generic Read, Position: 0, Mode: Sequential Access, No Buffering, Alignment Requirement: Byte .5305140 AM w33952 Close File C:\inetpub\wwwroot\app Name SUCCESS Hi, Have you checked IE Security settings ?

If the your list of Accounts and Groups have the correct permissions use them to manually set permissions for the Folders and Files for where you put files. You may need to check Your Acount Profile and Permissions. Martin My understanding is IUSR is a built-in user account needed for anonymous logon which isn't applicable to this app. Adding each had no affect on my ability to access the application. Have you added the Web Site to the intranet zones ? Was the "Magic" result of Server Restart or Web Site Restart ? I didn't solve this yet - the problem I noted previously (about the process monitor) is that it's not recording the 401 page error. So now I'm getting less information about the problem than before. Here's the Audit failure event for username1 from Event viewer, Security: - System - Provider [ Name] Microsoft-Windows-Security-Auditing [ Guid] Event ID 4656 Version 0 Level 0 Task 12800 Opcode 0 Keywords 0x8010000000000000 - Time Created [ System Time] 2011-08-16T.929Z Event Record ID 11696572 Correlation - Execution [ Process ID] 4 [ Thread ID] 68 Channel Security Computer server domain Security - Event Data Subject User Sid S-1-5-21-xyz-xyz-xyz-xyz Subject User Name username1 Subject Domain Name domain Subject Logon Id 0x319c63c Object Server Security Object Type File Object Name C:\inetpub\wwwroot\app Name\Handle Id 0x0 Transaction Id Access List %38 %41 %D16 %D19 %D23 Access Mask 0x120089 Privilege List - Restricted Sid Count 0 Process Id 0xf70 Process Name C:\Windows\Sys WOW64\inetsrv\w3========== btw if anyone is following this post here's a more detailed article about how to set up auditing for Windows server 2008: Hi, Question who set-up the Server and accounts ? The problems are stiil with the same user " Subject User Name username1 ". I looks like you have it narrowed down to the "username 1" Account.

If the IIS Server is ( not set) to "Inherit Permissions" you will not get a change in permissions at a higher Folder or Level.

I suggest using the User and Account information go to each Directory / Folder and set the proper permissions.

Martin Where do I check to see if IIS 7 is set to inherit permissions? All I changed over previous attempts was to add "Authenticated Users" with Read permissions on the web app. 301.0 (Moved Permanently error) - The thread you pointed me to seems to suggest I need to set up a redirection (how? If I were to redeploy the app to a new folder name on remote server from Visual Studio and create a new site in IIS - do you think that would behave differently?

Here is an excerpt from my log file: ----------------------------------------------------------------------------------------------------------------- 2011-08-11 10.1 GET /lnc - 80 domain\username 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . I noted that in application Host.config file under authentication there is an attribute "anonymous Authentication enbable="true" user Name="IUSR" but there are other areas where authentication anonymous is set to false so I wonder if that's all kosher or what? NET4.0E; MS-RTC EA 2; MS-RTC LM 8) 401 2 5 0 2011-08-16 10.1 GET /app Name - 80 domain\username1 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . is me, my regular logon account that I use to log on comparable to all other employees.Hi, For the Web.config problem look at IIS Net Library Reference Reference/Server/security/authentication/anonymous Authentication for Anonymous Authentication. I also have an administrative account which I use to logon to remote server.Excerpt from the Top paragraphs: You can use IIS Manager to use change the Authentican Methods required as shown in the images. They are corresponding entries from IIS log and Process Montior. I am able to access the app from client when logged on with my admin account and not able to access app with my regular user account.However, IIS Manager cannot verify whether the built-in account has access. NET4.0E; MS-RTC EA 2; MS-RTC LM 8) 301 0 -08-11 10.1 GET /lnc/ - 80 domain\username 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . I surmise that where I see "Special permissions" checked is actually inheriting from inetpub CREATOR OWNER (even though that is not obvious). I ran Process Monitor and here's and excerpt from the ACCESS DENIED entry when app attempts to open page. NET4.0E; MS-RTC EA 2; MS-RTC LM 8) 301 0 0 0 2011-08-16 10.1 GET /app Name/ - 80 domain\username1 10.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; . Also keep in mind there are several other web apps deployed on this server that are working fine.Make sure that the application pool identity has Read access to the physical path. I am not sure what it all means: .7357118 PM w31696 Create File C:\inetpub\wwwroot\LNC\ACCESS DENIED Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Attributes: RE, Share Mode: Read, Write, Delete, Allocation Size: n/a, Impersonating: domain\username1 ---- .7367475 PM w31696 Query Security File C:\inetpub\custerr\en-US1SUCCESS Information: Owner, Group, DACL ---- I added IUSR to Users group since the article said it was supposed to be a member (even though we are not using anonymous access). Nothing has changed on the server except I tryed to copy new files to this one particular app.

Leave a Reply