Minimum Permissions Required to Run ASP.NET

C

Corey B

I have a web server running IIS 6. The network security team here has
completely locked down the server. They have installed an application
called Cisco Security Agent (CSA). What CSA does is deny or allow
access to certain files and folders. Currently they have it set up
very restrictively so that it denies access to lots of files and
folders. I find that when I go to run any type of ASP.NET application
I receive error messages that say that the Network Service user can not
access a certain folder. So I contact the network security team and
tell them to give Network Service rights to that folder. Then I try my
application again. This time I get a message about a different folder.
So we go through the process again and they give the Network Service
user access to that folder - and so on. What I am looking for is
something like this:

For ASP.NET to function properly you must set the following folder and
file permissions:
C:\Windows\inetsrv Network Service Full
rights
C:\Windows\Microsoft\Framework Network Service Read
etc...

And so on...

Basically I am looking for a list of folders, files and users with
their corresponding rights that must be in place for ASP.NET to
function properly. This is an ASP.NET v1.1 application running on IIS
6. I am assuming that this makes a difference because I believe that
IIS 6 has different requirements than IIS 5. Can anyone help point me
to a list of folder permissions that are necessary just to run ASP.NET
on IIS 6?

Thanks,
Corey
 
C

Corey B

Juan,

Ah! Thanks so much for pointing me in the right direction. One more
question.

So it seems that the permissions are dependent on the version of
ASP.NET and not the version of IIS - correct? In other words - it
doesn't make any difference if I am running my ASP.NET v1.1 application
on IIS 5 or IIS 6 - the list of required permissions is the same.

The main difference between ASP.NET v1.1 and v2.0 is that it will run
under a different user context.

Am I understanding this correctly?

Thanks,
Corey
 
J

Juan T. Llibre

re:
if I am running my ASP.NET v1.1 application
on IIS 5 or IIS 6 - the list of required permissions is the same.
Right.

re:
The main difference between ASP.NET v1.1 and v2.0 is that it will run
under a different user context.

True, as far as user context security goes.
There's tons of other operational differences, of course, but you know that. :)

re:
Am I understanding this correctly?

You got that absolutely right.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,994
Messages
2,570,223
Members
46,813
Latest member
lawrwtwinkle111

Latest Threads

Top