1

I am aware that I need to use System.IO and System.Security.AccessControl to create folders and set permissions respectively, which I was able to achieve locally on my drive, but, I want to connect to a desktop/server on a network with a specific domain and a specific admin account that is allowed to access the given server and can create folders and set permissions for given users.

So, in short, how should I go about connecting to a server with a specific user account to create a folder and set permissions for those folders on that server for other users?

A short working example would be wonderful, but even a Microsoft document link will be highly appreciated, I am not primarily a .Net developer and I am just really confused about where to begin.

Thank you :)

vasadia
  • 366
  • 5
  • 8
foobar
  • 87
  • 6
  • Can you just make your app pool in IIS run as that admin account? Or otherwise create a special account for it that has the necessary permissions, following the principle of least privilege? – mason Jun 25 '21 at 19:18
  • @mason at some point it needs to be deployed to production as well, not sure what will be the specifics over there. – foobar Jun 25 '21 at 21:26
  • Well in production, set the app pool identity to a user that has the necessary permissions to perform the operations it needs to perform. That's just routine app deployment. – mason Jun 25 '21 at 22:53
  • @mason is there an article that you can link that I can follow? please? – foobar Jun 25 '21 at 22:54
  • I'm sure you're as capable of using Google as anyone else. I gave you something clear to do. Do you have a specific question about how to accomplish that? – mason Jun 26 '21 at 01:16
  • @mason I added an app pool identity and, it didn't work, I have two versions of errors, if I pass the shared path, it says network name not found, and if I pass `http://servername/path` it says the format of the path is not supported. – foobar Jun 26 '21 at 13:53
  • Using HTTP would only work if the path is hosted by Web DAV, and I don't think System.IO is set up to work with Web DAV. Did you configure the app pool identity to have permissions to access the file share? If the network name isn't found, are you sure DNS is configured properly? – mason Jun 26 '21 at 14:09
  • @mason, i created an application pool with AppPoolIdentity with identity set to the service account, anonymous, basic and windows auth is enabled, I get System.UnauthorizedAccessException access to the given path is denied. All I am trying to do is that check if a folder exists at the root of the server, if not create one, I also did permissions for folder and added the account. – foobar Jun 27 '21 at 14:58
  • It doesn't matter what kind of authentication you use on the site, that doesn't affect what identity your app pool runs as. For the user that you assigned for the app pool identity, do they have permissions on the folder being accessed? – mason Jun 27 '21 at 22:18
  • @mason given that we do not want to set an AppPoolIdentity and rather choose NetworkService and pick up the username and password for the admin account from an appsettings.config in production, is there an equivalent for `Directory.SetAccessControl` .NET API that takes into account such an admin account as well? – foobar Jul 14 '21 at 16:30
  • You can take a look at: https://stackoverflow.com/questions/5437723/iis-apppoolidentity-and-file-system-write-access-permissions – Theobald Du Jul 15 '21 at 06:29

0 Answers0