aspnet worker process to start .bat file

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi there,

I have specified a aspnet user account to run all .net sites. This account
needs access to start a .BAT File (in my global.asax on session start the app
needs to execute this bat file). I have given the aspnet user Read and
execute but the .bat will still not start.

What specific permissions does this user need for other folders to start a
..bat file? Does the user need access to the WINNT\System32 directory or the
WINNT\System32\cmd.exe file?

any help appreciated.
 
Hi there,

Thankyou for your response. however, I cannot access the first article as it
is password protected?
 
I couldnt find much info on permissions in that article? I have run
sysinternals ntfilemon on the web server and have seen the following
w3wp.exe C:\windows\System32\cmd.exe ACCESS DENIED for user WEBFARM\IUSR_ALL

Does the IUSR_machinename account need access to this file? I wouldnt think
so as the .net worker process runs under the aspnet user.
 
Looks like you are running IIS6 (W2K3) in native IIS6 mode, here the worker
process runs with the NETWORK_SERVICE identity not aspnet.
When anonymous access is enabled for this site/application (see IIS
webadmin) and you have set impersonation=true in your web.config, your
thread will run as the anonymous account specified in IIS. By default this
is IUSR_Machine.

Willy.
 
Thanks for your reply.
I have specified the aspnet user in the default Application Pool Identity
section in IIS (originally it said Network_service). Each website runs under
this default application pool. I therefore assume that IIS runs under this
aspnet user?

Also I have not specified an identity=true in the web.config so it will be
the default (whatever is in the machine config).
 
great link - thanks.

however all my settings are already done correctly as specified in this
article.

any other links?
 
Back
Top