ask original
Very good day.
I am manipulating files from a network drive using System.IO.File.Copy .
In my Development environment it doesn't give me any problem, but in the application server it appears:
Exception not handled by the application
.
I have checked that the users belonging to the owner or minimum group have the necessary permissions .
Now I'm wondering if it's some feature or manipulation of the application server that needs to be turned on, something like turning it into a . My server is Windows R2 .
Thank you very much for your time.
Tracking 1
In the spirit of being more descriptive, the process is as follows:
Events viewer
Activate auditing of the folder on the server in order to obtain the following information in the event viewer:
Event code: 3005
- Event code: 3005
- Event message: An unhandled exception occurred .
- Sequence of events: 137
- Event Occurrence: 1
- Event detail code: 0
- Confidence level: Complete
Exception information:
- Exception type : InvalidOperationException
- Exception message : Displaying a modal dialog or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application.
It seems to me that it is something related to the use of the MsgBox but if it were something related to the users, I hope you can tell me.
Good day.
Tracking 2
After fixing the MsgBox, I got the following messages captured from the try catch.
StackTrace :
- at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
- at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, Object dirSecurityObj)
- at System.IO.Directory.CreateDirectory(String path)
- at Move(Route1, Route2) in Move.aspx.vb:line 29
I find that one of the following must be done:
- Open IIS → advanced settings for the application pool in question and change the identity to run network service as administrator → OK. "cmd -> iisreset", what worries me about this option is in terms of security, that the requests would be executed as administrator.
- Use DirectorySecurity : to later add it in the creation of the directory, Directory.CreateDirectory(path, securityRules);
So far I have the shared folder, with permissions for a certain group, but its behavior seems strange to me, since the following happens when I run it on the same computer with administrator privileges:
- If I run from VS locally, it works fine for me.
- If I run from web I get this problem.
In short , what I think I should do is solve the access denied problem that occurs when executing the instruction from the client since it works locally.
Track 3
Going through the issue of access denied, I found the following: Description of identities in IIS .
Where the identities with which the requests of a client are executed are explained.
By default when creating an application pool a virtual account " ApplicationPoolIdentity " is created and this account has minimum privileges. In my case, that identity is the one I have assigned, in the following image you can see an example of where to see this information.
In order to have access to network resources, the account should be one of type " Network Service ". So he could trade her for that identity. But being an identity with more privileges, I want to see what vulnerabilities I should cover before changing it.
Follow up 4
In order not to leave anyone who sees this with doubt and can help you, I describe the following:
Solution
They can make a test class and keep track of the active user with which they are identified, for this they can use:
They can investigate:
I hope it helps you.