The situation: I have a mvc.net web page which, when called, runs a batch file on my server using System.Diagnostics.Process.Start and cmd.exe. The batch file contains a line that runs "svn.exe update myfilepath" and should therefore update the files on the server.
What's happening?
- the batch file is running, but the call to svn.exe does nothing, nor produces any error messages.
- if I run the batch file by double clicking, the svn command DOES run successfully.
I guess this is a security issue, but I'm no expert on this and I cannot make any headway.
The site is hosted on Windows Server 2008 R2 and the app pool is using the ApplicationPoolIdentity system. I have tried running the app pool as Network Service and also adding Network Service as a user that can Read/Execute to svn.exe.
Please help!
This could be proxy related. It's possible that you access the Internet via a proxy, but that the user profile for the app pool identity isn't configured like this. You may need to use a domain account that you can log on as in order to create a suitable user profile. You will also need to make sure IIS is loading the profile by ticking the appropriate option.
(Another possibility is that the working directory for the process you are starting is not set correctly to the root of your Subversion working copy. We've established this wasn't the problem in your case.)
Related
I have a windows service which downloads some files from SFTP and uploads it to database and generates PDf's from that data. So now when i should give the executable files to my client i think he need to change the app config file like sftp details and the pdf paths. So i am just thinking about a program like a windows forms or a console which reads the input and save those in app config file. Is it possible like and by the way i have created a setup project for the windows service where he gets 2 files .msi file and setup file. Is it possible to achieve the above problem in this case ?
If I understand correctly, you're wanting some kind of UI application that allows the user to configure the operation of the Windows service. This is certainly possible as I've been doing it for several years now. However, you don't want to do this via the app.config file. The app.config file is read by the Windows service when it starts up, so any changes made to it would go unnoticed until the service restarts. A better course of action would be to communicate the changes to the service via the Windows Communication Foundation (or some other ICP mechanism, e.g., pipes, sockets, shared memory, etc.). I've managed to use this successfully, although to be honest, I'm using ordinary sockets now. In any case, the service would basically "listen" for incoming configuration messages, "read" those messages, and then "configure" itself accordingly, perhaps even saving the changes in its app.config file so the changes are preserved for when the service restarts later.
HTH
I'm trying the WorkSpace.PendAdd method under Microsoft.Teamfoundation.Client namespace to add the local folder to TFS, it works normally when i debug with VS2010, but it doesn't work if it's published to IIS. I also tried giving the full control to the folder, but still no effect. Any idea will be appreciated.
Check to see what identity the web app is running under. Does that ID have appropriate rights in TFS? If you're hosting on a web server that is not also your TFS application tier, you could also be running into the two-hop limitation of passing identity.
When you're running in debug mode, it is probably picking up your credentials, and since your machine counts as hop zero, there's no problem passing them on to the TFS application tier.
I found a solution after checking the versionControl NonFatalError event.
Before the calling to workspace.PendAdd, just call:
Workstation.Current.EnsureUpdateWorkspaceInfoCache(
_versionControl,
_versionControl.AuthenticatedUser);
(for some reason it's the only way the specific file folder path will be mapped when running in IIS)
We use MVC controllers that access System.File.IO in our application and they work fine in localhost (IIS 6.0-based Cassini). Deploying to IIS7, we have problems getting the controllers to work because they throw UnauthorizedAccessExceptions.
We have done the following to try to resolve the issue:
- Set NETWORK SERVICE and IUSR accounts to have permission on the files and folders in question
- Ensured the App Pool is running under NETWORK SERVICE and loading the user profile
- Application is running under full trust
- We tried adding impersonation to web.config and giving NETWORK SERVICE write permissions (which was not a great idea because that's not what we want to do)
Now, we alternate between getting UnauthorizedAccessException and an IIS7 404 page that suggests the routes are being ignored completely (for example we serve "/favicon.ico" via a controller when the physical file actually lives at /content/images/favicon.ico). We used ProcessMonitor to try to track down the issue but weren't successful.
UPDATE:
This issue is intermittent. We had a brief few minutes where everything worked without making any configuration changes. We're running on EC2, so this could be related to a distributed file system. We're also using a separate drive to store all web site data, we're not using inetpub/wwwroot.
UPDATE 2:
The site works without incident under IIS 7.5, with no configuration changes needed but this is likely due to running with the new AppPoolIdentity. Otherwise it's an identical deployment. Unfortunately we can't run R2 on this EC2 instance.
One of the ways to identifying the cause is using Procmon tool from Sysinternals
Procmon will show the reason for unable to open the file , it will also show who is holding the file.
The issue turned out to be the controller factory we were using not handling file requests properly.
I've been experimenting with ASP.Net MVC, and have come across a problem that is probably not specifically MVC related. But I cannot get the authentication in the default MVC application (the one created by the wizard when you create a new MVC project) to work properly under IIS 7 on Windows 7.
If I run under the Visual Studio environment, it works, but if I switch the settings to run under IIS instead, I get the following exception trying to submit the login or registration:
Failed to generate a user instance of
SQL Server due to failure in
retrieving the user's local
application data path. Please make
sure the user has a local user profile
on the computer. The connection will
be closed.
I believe that this is because the website runs under my own account in Visual Studio, but under the IUSR account in IIS. Google searches on the exception message have been unhelpful so far.
So, can one create a local user profile for the IUSR account? If so, how? Is there something else I should be doing to get the SQLExpress engine to work under the anonymous account in IIS 7?
I also tried configuring the IIS website to use my account, but since this is my home machine, my account doesn't have a password, and it appears that IIS won't let a website be configured to use an account without a password. Or, since this is my first experience with IIS 7, and configuration feels very different than IIS 5/6, I am just missing the right setting that will let me configure the account to use for anonymous access.
EDIT: Some additional information. If I empty the App_Data folder and try again from IIS, SQLExpress attempts to create my database and fails, but the exception message has further information with the following suggestions.
SQLExpress database file auto-creation
error:
The connection string specifies a
local Sql Server Express instance
using a database location within the
applications App_Data directory. The
provider attempted to automatically
create the application services
database because the provider
determined that the database does not
exist. The following configuration
requirements are necessary to
successfully check for existence of
the application services database and
automatically create the application
services database:
If the applications App_Data directory does not already exist, the
web server account must have read and
write access to the applications
directory. This is necessary because
the web server account will
automatically create the App_Data
directory if it does not already
exist.
If the applications App_Data directory already exists, the web
server account only requires read and
write access to the applications
App_Data directory. This is necessary
because the web server account will
attempt to verify that the Sql Server
Express database already exists within
the applications App_Data directory.
Revoking read access on the App_Data
directory from the web server account
will prevent the provider from
correctly determining if the Sql
Server Express database already
exists. This will cause an error when
the provider attempts to create a
duplicate of an already existing
database. Write access is required
because the web server accounts
credentials are used when creating the
new database.
Sql Server Express must be installed on the machine.
The process identity for the web server account must have a local user
profile. See the readme document for
details on how to create a local user
profile for both machine and domain
accounts.
I've pretty extensively confirmed that the first three suggestions have been satisfied. The fourth seems to be the cause of my problems, but I can't figure out how to do that. And although the suggestion claims there is a readme document that describes it, I have not been able to find that document.
I got this problem as well running under medium trust. The process that creates the database requires at least High trust. You can check this by looking in your Web.Config for
<trust level="TrustLevel" />
If there is no trust specified in your Web.Config, try adding it and set it to either Full or High. If this doesn't work, there is a machine.config in your IIS which you would need to modify.
That being said, the best route I have found to solve this is to just use aspnet_regsql.exe to create the necessary tables and then change the connection string in your Web.Config to look at it directly.
I solved "The directory 'LocalApplicationData' does not exist." error when running an SSIS package through an SQL Job by ensuring the SQL SSIS service and SQL Server Agent service were running under the same account as the swql job was set to use!
This in my case was a domain account.
Solution: Try UNINSTALLING any updates before you started experiencing the issue. I spent countless hours - wasted hours that I will never get back in my life - reading and following every solution possible without success. I uninstalled all SQL Server updates and now everything works fine.
What is the correct proceedure when deploying an ASP.net MVC application? I am using the built in forms based authentication and deploying using the publish function in VS2008 but when deploying it doesn't seem to deploy the ASPNETDB to the server and I end up with errors like
An error occurred during the execution of the SQL file 'InstallCommon.sql'. The SQL error number is 1802 and the SqlException message is: CREATE DATABASE failed. Some file names listed could not be created. Check related errors.
CREATE FILE encountered operating system error 5(Access is denied.) while attempting to open or create the physical file 'C:\INETPUB\WWWROOT\HOURS3\APP_DATA\ASPNETDB_TMP.MDF'.
I looked this up and attempted to change the sql server to run under the local system account as per
http://forums.asp.net/t/984436.aspx
but that doesn't seem to have helped.
When you try to publish this way, I believe you're going to overwrite your database with the one you are currently developing with. This means if you had any changes in your web environment, such as new users, you would lose them when you overwrote them in a publish. Additionally the reason you're probably getting permission denied, is because the file is already in use by the website, and Windows doesn't like it if you try deleting a file that is in use.
Typically I set my databases to publish in a different methodology than the ASP.net files. I often generate an upgrade script using a tool such as RedGate SQL Compare. This allows me to upgrade the one live on the server instead of copying a new file.