1

This is my Visual Basic 2005 .NET code:

Dim imgflnm as string = "c:\testfolder\testdoc.txt"
Dim fltotest As New System.IO.FileInfo(imgflnm)
Dim tsrslt As Boolean
tsrslt = fltotest.Exists
System.Web.HttpContext.Current.Response.Write("source file exists result=" & tsrslt & "<br/>")

The above code returns tsrslt as true when it sees the file in question on a local drive-- same drive as the application. But on a mapped drive letter it cannot see the file and so tsrslt is evaluating as false.

I have tried the following:

DNS path

\\DPATSERVER\testfolder\testdoc.txt

ip path

\\192.xxx.yyy.zz\testfolder\testdoc.txt

dns path on a non-standard drive

\\DPATSERVER\e\testfolder\testdoc.txt

ip path on a non-standard drive (as above using ip instead of dns)
dns & ip on non-standard drive using $ after drive letter.

None of the above can see the file on the remote server. Any suggestions would be appreciated.

LarsTech
  • 80,625
  • 14
  • 153
  • 225
Earl Patrick Dean
  • 51
  • 4
  • looks like this is running in the context of asp.net? more than likely the web user that the web app runs under does not have permission to this. It's a security thing. – Jeremy Aug 12 '15 at 20:42
  • 1
    It is `\\machinename\sharename\folder\file.ext`. Must start with two backslashes or it will just look like a directory name. – Hans Passant Aug 12 '15 at 20:44
  • Yes, it's an asp.net web application. The output line in my code is being sent to a webpage as you'd expect. – Earl Patrick Dean Aug 12 '15 at 20:45
  • I've been looking at the tag toward adding it to the web.config file, but so far my limited understanding of it has not allowed it to help. Can you offer any insight on that? – Earl Patrick Dean Aug 12 '15 at 20:46
  • Hans-- my question translated the leading double slash as a single slash. I am indeed using a double slash to preface the server name. – Earl Patrick Dean Aug 12 '15 at 20:47
  • Well, which one of those paths works in the Windows Explorer address bar? – LarsTech Aug 12 '15 at 20:55
  • I tried various combinations of the accurate url in the Windows Explorer (file explorer) address bar, and the version of \\folder1\folder2\filename actually opens the file in notepad for me. But the same url does not work across a network when it is assembled at runtime in the code. It only works at runtime if the file I'm seeking exists on the local hard drive. – Earl Patrick Dean Aug 13 '15 at 13:22
  • Further notes: The network folder and file are shared and made available across a logmein Hamachi VPN network-- this is not a local area network using a wired up connection. The client has recently upgraded their internet connection and download speed. I have checked on using the actual endpoint machine's ip address-- they have two ethernet NICS and I tried both the IP addresses attached to those NICS, as well as the Hamachi VPN ip address. The Hamachi address is the only one that opens a connection to the remote machine. – Earl Patrick Dean Aug 13 '15 at 13:24
  • Don't use the `.Exists()` function at all. Just try to open the file, and handle the exception if it fails. http://stackoverflow.com/questions/265953/how-can-you-easily-check-if-access-is-denied-for-a-file-in-net/265958#265958 – Joel Coehoorn Aug 14 '15 at 03:15

1 Answers1

2

When you call the website and you use System.IO.File.Exists it is the IUSR account that is actually doing the request for the file.

The default for IIS is to use a local account for the web server and the account doesn't have permissions to access network share because it's a local account that only exists on that 1 machine and it does no exist on the other machine.

You need to configure the IIS application pool for your web site to run using a domain user account, and then give that account the permission to the network share. If you are not in a domain create the same user on both machines with the same password. Then run IIS as that user.

The less secure method is to allow Everybody access to the network share.

Configuring IIS Application Pool Identities

Example:

Domain or Network Account

  1. The same username and password is used to access any computer on the same network. If you change the password, it changes for all the computers.

Webserver

1.1 Change the application pool to use the username and password that you use to login with (1.) or a similar account on the same network. Typically you will create an account specifically on the network for this purpose that only has access to specific resources on the network. If you give this user access to the entire network then it means your entire network is now accessible by IIS huge security risk.

FileServer

1.2 Right click on the folder that you are sharing and go to the security tab. Confirm that the user (1.) has access to that folder.

Local Account

  1. This only exists on the 1 computer you can create the same user on another computer. But if you change the password on computer 1 it does not change the password on computer 2.

Webserver

2.1 Change the application pool to use the username and password that you use to login with (2.) or a an account created just for this use.

FileServer

2.1 Create the exact same user on this computer with the exact same credentials(2.,2.1) Right click on the folder that you are sharing and go to the security tab. Confirm that the user (2.,2.1,2.2) has access to that folder.

Less Secure Method

FileServer

  1. Right click on the folder that you are sharing and go to the security tab and give the user Everyone Access to that folder.
EJD
  • 751
  • 6
  • 19
  • This is something I and a coworker have been looking at carefully this afternoon. I'd like a clarification if possible: our setup is running a web application on the client, and that is where our IIS setup resides and runs the web application. The web application is trying to see a file on a remote file server. Question: domain user account: is it a windows user account someone could use to log into the client machine that you are talking about, or is it a new account only known by IIS? – Earl Patrick Dean Aug 13 '15 at 18:50
  • On more question: the username and password being impersonated: is that a login credential for a user of the file server, or a credential for a user of the client machine? – Earl Patrick Dean Aug 13 '15 at 19:26
  • When you login to the webserver do you use a network user and password typically you will see the word domain and your domain name. Example: stackoverflow/EJD or DomainName/UserName. If you use a local account an account created on the computer. typically only asks for a password, this is what you use at home with a nice pretty icon with a password prompt. – EJD Aug 14 '15 at 01:47
  • So the setup is pretty well the same in both cases the username and password used on the web server must also work on the remote server where the file is located. Simple as that. So if it is a local account create the same account on both with the same password. Domain or Network account as long as that user has access to both using the network account then you are good. – EJD Aug 14 '15 at 01:49
  • You have been very patient and answered every question I had. Thank you all so very much. I am trying out these options. – Earl Patrick Dean Aug 14 '15 at 14:03
  • Question about impersonation and running the web application as the user added: (1) Do I need use that id to sign into the computer running the web server? (2) Do I need to add an – Earl Patrick Dean Aug 14 '15 at 14:43
  • No identity is apart of the website authentication so whether you require a user name and password to access the website. Follow the step http://www.iis.net/learn/manage/configuring-security/application-pool-identities – EJD Aug 14 '15 at 19:07
  • Thanks-- I'll look at it. Here's what I've done so far: (1) I added an identical local user account to both pcs that has the same exact username and password on both machines. (2) In IIS on the webserver machine, I have added the same username and password to the .NET Users list for the particular application (3) I have mapped a network drive letter resource on the file server (4) set up the same drive letter on the web server but did not pay attention to adding it as a resource to a networks list (5) added an tag to web config – Earl Patrick Dean Aug 14 '15 at 19:40
  • I have added the user to the application pool for the application. I have right clicked the folder we need on file server and added the user to the share list for that folder, even though it already was set up as accessible to "everyone". – Earl Patrick Dean Aug 14 '15 at 19:41