Azure DevOps, Scrum, & .NET Software Leadership and Consulting Services

“ASPNET” vs. “NETWORK SERVICE”


Well, this just wasted the better part of 2 hours.  I’m trying to lock down an ASP.NET app that i’m writing to “least privalege”.  I’ve got the ASPNET and IUSR_ permissions set to “read”, “execute” and “list”.  I kept getting “Server cannot access application directory ‘c:inetpubblahblahblahblah’.  The directory does not exist or is not accessible because of security settings.” 


And i just keep beating my head against this error message for like hours.  If I enable “everyone” then everything’s great.  Take it away and error.  Then I started getting a little tickle in the back of my head suggesting giving rights to “NETWORK SERVICE”.  I do that and everything’s golden. 


The moral of the story is “ASPX runs as ‘NETWORK SERVICE’ on Windows 2003.” 


As I used to say back in back in 3rd grade….“durt durt durrrrrrrrr.“


-Ben


One response to ““ASPNET” vs. “NETWORK SERVICE””

  1. Hifni Shahzard Nazeer Avatar
    Hifni Shahzard Nazeer

    I did clear some of the problem from your article in your blog. Now, I knew that ASPNET is a local machine account. I was having the same sought of problem, but the environmnet is quite differnet. I developed my application in Windows XP Pro and then deployed in an Windows 2000 Server machine which acts as a Back up Domain Controller. However initially it worked well…but when I tried to deploy more app using XCOPY..things did not go as I intended. To make it worse the previous apps gets this error: “Server cannot access application directory ‘c:inetpubblahblahblahblah’. The directory does not exist or is not accessible because of security settings.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.