IIS6 and filesystemobjects

P

peterdoherty

Well-known member
Joined
Feb 24, 2003
Messages
49
Hi, I am running IIS6 on Windows 2003 Server EE.

I need to run both ASP.Net Apps and regular ASP (Not side by side but in different sites).

ASP.Net apps are workin fine.

My problem is that I am trying to use the filesystem objects (FSO) in asp. This works to an extent. When I create the Virtual Directory(VD) for the ASP application I set the Security to Alllow Anoymous using the IUSR_machine name account and disable any authenticated access. When I try to open the asp page (one the local or remote machine) which uses the FSO nothing is displayed on the page.
If I enable Integrated Security in IIS6 and navigate to the page and log on the page (and FSO) works fine! Any other ASP page (not using FSO) works fine. I need to have this page visible to anyone not just users who can log on!
The folder permissions for the folder where the asp pages are is as follows:
Admins: Full Control
Everyone: Read&Execute/List Folder Contents/Read
INTERACTIVE: Read&Execute/List Folder Contents/Read
Internet Guest Account: Full control
Network/Network Service: Read&Execute/List Folder Contents/Read
SYSTEM: Full control
Users: Read&Execute/List Folder Contents/Read

I know this is more of an asp/iis question but if anyone can help it would be greatly appreciated
 
Its not clear to me what your exact directory security settings are for IIS.

New virtual directories in IIS are created with Integrated Windows Authentication and Anonymous access selected by default. Users are not required to log in with this setup. In my experience its rare to see these defaults changed - there usually has to be a specific security-oriented reason for wanting to change them (or if youre running intranet-only resources you might disable anonymous to easily track which users are hitting web apps).

If you have Integrated Windows selected and Allow anonymous not selected users will be required to supply windows credentials.

So, Id suggest making sure both Integrated and Anonymous are selected then test to be sure all users can hit (without a login). If your FSO stuff still isnt working then tinker around with the permissions on your folders/files.

If you click the help button when youre looking at the Authentication Methods dialog (that you get to via the IIS directory security property tab) itll give you the details on how Integrated is implemented and coordinates with Anonymous. One thing that can be happening is if your file permissions are setup incorrectly Integrated could be kicking in and overriding the Anonymous access.

Paul
 
I think the problem with the logon appearing may be due to the server and client not being in the same domain or workgroup (they are actually on 2 different workgroups - I am going to add them into our domain later)

Thanks
 
Same prob when they are on the same domain.

The Directory security settings are Anonymous and Integrated Windows Security.
 
Back
Top