Iis – “NETWORK SERVICE” access remote share: Access Denied

iispermissions

Service is running as NETWORK SERVICE on Server1.

I need to connect to a share on another servier: Server2\Share.

So I grant Full Control to Server1$ on Server2\Share.

Yet I still get an access denied error when I try to open a file in that share.

Any idea what could be the cause of this?

Best Answer

You have to grant that access in both the share permissions and the NTFS permissions. If you've only allowed access in one, you'll need to do it in the other.

Related Solutions

Office 2007 network share access denied

Well after every windows update known to mankind and .net framework...got me nowhere..

But a fresh install of Windows XP, service packs and updates...then install Office 2007 all is good...

So the only solution I have so far is a fresh install :(

Hope someone knows a better one or no one has the same problem

UPDATE

It now seems that users that log off and then log back in receive the access denied message, it all works if the machine is rebooted...

Iis – Impersonation NOT working – Network Share

First of all, "impersonation" is the term applied only inside the same machine, if your network share (or IIS, or virtual dir, or MS SQL Server, etc.) is on another computer then it is delegation and you should configure it between computers (read SPN, Service Principal Name).
Are your network share on the same or on the different computer?

Then, it is not "double hop" since you do not pass-through original identity of your webapp user but use fixed impersonation in web.config.

I hope it is not in production? This, putting credentials in web.config, is EVIL, EVIL, EVIL, do not ever do this, just don't!

BTW, you can reach the same result without fixed impersonation in web.config by running your webapp in custom application pool under your domain user, cf. [1]. This is more easy, configurable and reliable.

I could have tried to write you instructions for all possible cases since the exact context is blurred in your post but it would have ended up in unreadable dozens-page article.

OK, I started writing:

Disable "Anonymous access" and enable "Basic authentication" in IIS (properties of website)
Change
```
<authentication mode="None" />  
```
to
```
<authentication mode="Windows" />   
```
in web.config

Disable "Use simple file sharing" in Windows Explorer --> menu Tools ---> Folder Options... ---> tab View

Give permissions for username on network share

Make sure that NTLM is enabled on all involved interacting computers

Plz read and follow instructions in [2].
I could not find the description of the same quality for IIS7/W2006 but I strongly believe what you need did not change.
If you would have any further questions or problems, post more specific questions.

----- Cited:

[1]
How To: Create a Service Account for an ASP.NET 2.0 Application
http://msdn.microsoft.com/en-us/library/ms998297.aspx

[2]
How To: Use Impersonation and Delegation in ASP.NET 2.0
http://msdn.microsoft.com/en-us/library/ff647404.aspx

Best Answer

Related Solutions

Office 2007 network share access denied

Iis – Impersonation NOT working – Network Share

Related Topic