The Anonymous account in the Permission Manager refers to the Anonymous User (IUSR) and is mainly used to password protect sections of your site at the IIS level. At the application level, the Anonymous ASPNet User is used. You cannot change the permissions of the Anonymous ASPNet User. If you are worried about security, the IUSR or ASPNET user having write permissions does not mean that anyone can write or upload or FTP to your site. It's your application that control this. Aristotle DiscountASP.NET www.DiscountASP.NET
I have always needed to configure perms in order to get accounts (ASPNET) to be able to write to directories in my apps on my test boxes and prod serversso this is news to me. I suppose by default I have perms so restricted in my controled environments that I have to explicitly grant write perms while you guys have already granted these windows perms by default. I guess I am happy that I don't need to implement low level impersonation because I have always experienced some sort of issue that requires a hack or two to implement it correctly. Well let me say thank you so much for your help and fast replies - thank you very much! Justin
Hello All, Have a quick question regarding impersonation. I have a folder(docs) and one user(writer) that has write access to this folder. I want to upload files to this folder but I wish to impersonate the writer user in order to upload the document to this folder because I don't allow writing by the default account. After the upload is complete I plan on undo-ing the impersonation. My question is this: Can is use the following DLLImport to accomplish this task(I know how but is it allowed)? Are there any restrictions on accessing this function or performing impersonation on DiscountASP.NET Hosted Servers? [DllImport("advapi32.dll", SetLastError = true)] static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); Many thanks in advance, Justin
I think you should be able to do this. However, on the DiscountASP servers ASP.NET applications run under a custom ASPNET user, which will always have write permissions to your site's folders/files. So I don't know why you would need to do this. Aristotle DiscountASP.NET www.DiscountASP.NET
Okay I am a little thrown back by your response. Why would my websites be running in an ASP.NET account that has write permissions to my folders and files in my site? In my User Manager I see three default accounts: site-name-account, Anonymous ASPNet User, Anonymous User (IUSR). Which account is my default ASP.NET account? I assume I can't control the perms of the default ASPNET user account?? Which one maps to the anonymous account in Permission manager? I may be a little confused on how this is setup now. Could you please explain it to me. Justin
