ASP.Net 无法看到共享文件夹
我在以前从未使用过的网络中编写了一个新应用程序,但遇到了问题。
如果我有以下 C# 代码:
FileStream fs = File.Create(@"\\MyServer\MyShare\testing.txt");
fs.Close();
在控制台应用程序中,此代码可以正确执行。
在 ASP.Net 应用程序中,我收到此错误:登录失败:未知的用户名或密码错误。
在 ASP.Net 应用程序中,如果我添加身份 impersonate="true",我会收到此消息错误:访问路径“\MyServer\MyShare\testing.txt”被拒绝。
我以前从未遇到过该登录失败消息; 这是从哪里来的? 如果我在服务器上创建一个应用程序并将其写入物理位置,它工作正常(因此安全性很好),似乎共享的安全性不起作用(即使它设置了“每个人”)到完整写入),或者服务器级别缺少某些内容,不允许我查看一般的任何内容。
有谁知道我在这里缺少什么? 我编写过其他执行类似操作的应用程序,但从未遇到过此问题,
谢谢!
I've written a new application in a network I haven't worked in before, and am running into a problem.
If I have the following C# code:
FileStream fs = File.Create(@"\\MyServer\MyShare\testing.txt");
fs.Close();
In a console application, this code executes correctly.
In an ASP.Net application, I receive this error: Logon failure: unknown user name or bad password.
In the ASP.Net application, if I add in identity impersonate="true", I get this error: Access to the path '\MyServer\MyShare\testing.txt' is denied.
I've never ran into that logon failure message before; where is this coming from? If I create an application on the server and have it write to the phsyical location, it works fine (so security there is good), it just seems as though the security to the share is not working (even though it has 'Everyone' set to full writes), or there is something missing at the server level in which I'm not allowed to view anything in general.
Does anyone know what I'm missing here? I've written other applications that did similar things and have never run into this problem
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
更新:
所以我认为我发布这个太早了...它在我的本地主机上失败的原因是由于目录被设置为允许匿名访问(因此该页面没有模拟;用户曾是 '')。
它也开始在服务器上运行; 但是,那里没有任何变化...我不知道在应用程序停机/关闭期间是否触发了某些内容或什么,但一切都按预期工作。
感谢您的评论!
Update:
So I think I posted this too soon... The reason it was failing on my localhost was due to the directory being set as allow anonymous access (so the page wasn't impersonating; the user was '').
It also started working on the server as well; however, nothing was changed there... I don't know if something was triggered during the app's downtime/shutdown or what, but everything's working as expected.
Thanks for the comments!
问题在于,当身份模拟设置为 false 时,ASP.NET 辅助进程帐户会尝试写入共享,通常是 NETWORK SERVICE 或 ASPNET 帐户。 取决于您运行的 Windows 版本。
将 impersonate 设置为 true,而不指定用户名或密码将使用当前用户身份验证来尝试发出请求。
您将需要授予工作进程帐户权限,但这很可能是不可能的。 或者 B 创建一个应用程序可以模拟的特定帐户,然后在身份标记中的 web.config 中指定凭据。
The issue is that with identity impersonate set to false the ASP.NET worker process account is trying to write to the share, typically that is the NETWORK SERVICE or ASPNET account. Depending on which version of windows you are running.
setting impersonate to true, without specifying a username or password will use the current users authentication to try and make the request.
You will need to either A grant the worker process account permissions, which most likely isn't possible. Or B create a specific account that your application can impersonate, and then specify the credentials inside the web.config in the identity tag.
默认情况下,ASP.NET 应用程序作为 YourMachine\IUSR_YourMachine 运行。 您必须向Everyone 主体开放共享权限(如果计算机不在同一域中),或者以有权访问共享的用户身份运行 IIS 应用程序。
您可以通过以下方式更改 ASP.NET 应用程序运行的用户:
.打开管理工具 -> Internet 信息服务,然后右键单击包含该应用程序的网站或虚拟目录,然后单击属性。 选择目录安全选项卡,然后单击编辑。 最后,在匿名访问部分中输入有权访问共享的用户的用户名和密码。
麦克风
By default, ASP.NET applications run as YourMachine\IUSR_YourMachine. You either have to open up the permissions on the share to the Everyone principal (which still may not work if the machines are not on the same domain), or run your IIS application as someone who has access to the share.
You can change the user that the ASP.NET application runs under by:
.Open Administrative Tools -> Internet Information Services then right click on the website or virtual directory that contains the application and click Properties. Choose the Directory Security tab and click Edit. Finally, in the Anonymous Access section type the username and password of a user that has access to the share.
Mike