I am trying to enable users to connect to Excel files on a share on the server. The users have access to that share. Using Procmon, I detected that OleDB creates a temporary file in this location:
c:\users\temp.<DOMAIN>.00x
But the users do not have access to this folder by default and they receive the dreaded 'Unspecified Error' from OleDB. Supposedly, the issue can be alleviated by making the following change in the Web.config file:
<identity impersonate="true" />
to
<identity impersonate="false" />
However, this is a SharePoint server and thus I am unable to make that change without negatively affecting SharePoint. I would like to do one of the following to alleviate the issue that creates the extra temp files:
- Automatically give users read and write permissions to new Temp directories, via a GPO, settings, or a script
- Fix the server such that these temp directories are not created in the first place (this is preferred but from my searching seems much harder)
I am certainly willing to look at other solutions if you can recommend a better one. Also, I apologize in advance for my tremendous ignorance, I am not really a server admin. Thanks for looking!
Best Answer
Usually this happens because of a strange situation where the App Pool user creates temporary files used for editing, that the actual user does not have rights to access.
That is why when impersonation is set to false, the App Pool user identity is used and can access the file - but when impersonation is set to true, the user account is being used, which doesn't have access to those files.
Setting write permissions for everyone to the temporary file parent directory should resolve this issue. I suppose there are some separate security concerns there, but it does not seem to be an issue in your case (as you even suggested it).