I have existing .NET code that queries Active Directory once downloaded and running the .exe on a domain connected computer.
Could my .exe now run as a DDL in the Blazor browser (client-module) against the local domain and avoiding the downloading & running the .exe?
I know the sandboxed environment prevents native file system access, but would it prevent LDAP queries running?
The standard answer is no.
Blazor-in-the-Browser is held to the same limitations as JavaScript.
It's not a technical problem but a security issue.
You can of course use Blazor-on-the-Server, as long as that server has access to your AD.
Your users (on an intranet with good connections) won't notice the difference.
Related
Recently deploying an mvc4 project to a virtual directory on a shared iis6 server, I was able to get the server to allow reading files (a problem stemming partially from extensionless URLs).
I have not however, been able write anything to the database or to txt file logs, since deployment. Speaking to the hosting service I've been able to determine that the user is Network User, that all users (including asp net) have read/write privileges. I've tried moving the log files into a separate Log folder, also to no avail.
the error I'm getting is:
"[UnauthorizedAccessException: Access to the path
'D:\wwwroot\wwwroot1\isphost\psychtech\psychtech.co.il\Testing\Log\LogHttpRequ
ests.txt' is denied.]
Any and all ideas would be appreciated!
The message is pretty clear, the user of the app pool under which run the IIS worker of your site can't access this path to write to the file. The problem might be the same to save to your .mdb.
I suggest you to contact your hoster and ask him about this, it will probably be able to help.
On a side note, you may whant to use a proper database as the file/mdb ones aren't meant for load and concurent acces as it can occur in a web environement. It will also be more scalable, more reliable, more secure and more resilient to failure.
After many hours, the hosting company IT specialist demystified the problem: as I'm deploying an .net 4 application on an iis6 server, the server utilizes a different user, namely: NETWORK SERVICE. Once this service was granted write privileges, the problem was solved.
I believe this is what reporter was hinting at.
A note of caution: this configuration is highly susceptible to SQL Injection, requiring additional safety measures in the code
designing Client Server Application in C#
I'm developing an application for copying and creating files between local network shares in 1 GB connection. This application will run on a local machine with that connection.
Now I have to introduce a Client-Server connection in a way that the User can perform the same steps from his Home PC. For that reason I have to setup a Server on the local machine which has 1GB connection to the network shares and access that server application from Home to perform the same actions as the User is on his local workspace.
Once again I want to clarify that the application now is running well on a local PC with 1 GB connection. I want to reach as much as possible to that via with the Client-Server. And once again, I'm not copying files from the Client to the Server or anything like that. It is only interaction between the local shares. So I want to be able to perform a copy function from local/share1/folder1 to local/share1/folder2 from the Home PC.
I'm new to Client-Server applications. And I have no idea how to set up that. Any recommendations/suggestions are welcome. My current application is developed in C# Visual Studio, so I believe that I should better use .NET Remoting or some other already supported by Visual Studio. All I could find on the internet is how to set-up a client server application for chat, I see nothing similar to my case.
Any design decisions or code will be really helpful at this moment.
There is no need to attach snippets of my code (I guess), because the application is already running locally and I don't have to change it.
Thanks in advance!
I have a stand-alone IIS7 Server that is not joined to a domain and that is running an simple ASP.Net application. This application has an ActiveReports report that has an image control where I set the path of the image during run time to a network share on another server. When I run the application locally in Visual Studio on a desktop that is joined to the same domain as the network share, I am able to get the images, but when I deploy the application to the stand-alone IIS server and run it locally on the IIS server I am not able to get the images. I added permissions on the network share for the username and password of the login for the IIS server and I am able to navigate using Windows Explorer to the network share from the IIS server now, but I can't get the permissions right on IIS.
What is the correct way to set the permissions so that the application can access the image files on the network share?
When IIS access network resources it uses the security context (account) associated with the IIS process. This is primarily controlled by the Application Pool unless you are doing any kind of impersonation at the code level.
In order to correct you issue you'll probably need to make sure the application pool is running using a security account that has access to the network resource. Here are some links that may help
http://technet.microsoft.com/en-us/library/cc771170(v=WS.10).aspx
http://www.iis.net/learn/manage/configuring-security/application-pool-identities
Also, don't forget, if you are using windows file services for your network share there are two levels of permissions, those that are set at a share level and those that are set at the file level if using NTFS. Here is some info:
http://technet.microsoft.com/en-us/library/cc754178.aspx
One idea: on the IIS7 server, create a Virtual Directory that points to the share. When creating a Virtual Directory, IIS will let you enter credentials needed to access a share.
Then, you'll need your image paths to reference the share.
I have a web application in asp.net and C# that must access a remote server to copy some files. The web application basically deploys other web applications.
Let us say that the web app runs on a "developement" server and needs to interact with a "production" server. From the user's point of view they are both remote machines. He accesses the application (running on the "developement" machine) on his browser and does not see the code and the access credentials to the "production" machine.
At some point, it needs to copy .ascx, .aspx, .cs files from the developement to the production machine. I hope this is clear ^___^
Can anyone tell me what is the best way to do the file transfer?
Thanks!!!
Sep
If the machines are on the same network, a simple File.Copy using UNC paths (\\myserver\sharename\folder\file.ext) will do the trick.
If they are further apart, you could use FTP (FtpWebRequest on MSDN) to send files to a remote FTP server (assuming there is one) - or host an FTP server on your development machine (IIS can do that) and have the production machine download from it; regular HTTP would work in that instance too.
Finally if there are firewalls and god-knows-what-else in the way, you could write a web service/request handler on your deployment server that will serve files to the remote machine, which downloads them.
Unless you have LAN/UNC network access to the remote machine, there will almost certainly need to be a component installed on the remote machine to facilitate the copy.
To set up the application (copying files won't necessarily do it; you might need configuration too) you can use WMI, to script IIS actions - or you can use the System.Management classes to do this straight from .NET:
http://learn.iis.net/page.aspx/163/managing-applications-and-application-pools-on-iis-70-with-wmi/
Hope that helps, or at least gives some food for thought..
We've got a process currently which causes ASP.NET websites to be redeployed. The code is itself an ASP.NET application. The current method, which has worked for quite a while, is simply to loop over all the files in one folder and copy them over the top of the files in the webroot.
The problem that's arisen is that occasionally files end up being in use and hence can't be copied over. This has in the past been intermittent to the point it didn't matter but on some of our higher traffic sites it happens the majority of the time now.
I'm wondering if anyone has a workaround or alternative approach to this that I haven't thought of. Currently my ideas are:
Simply retry each file until it works. That's going to cause errors for a short time though which isn't really that good.
Deploy to a new folder and update IIS's webroot to the new folder. I'm not sure how to do this short of running the application as an administrator and running batch files, which is very untidy.
Does anyone know what the best way to do this is, or if it's possible to do #2 without running the publishing application as a user who has admin access (Willing to grant it special privileges, but I'd prefer to stop short of administrator)?
Edit
Clarification of infrastructure... We have 2 IIS 7 webservers in an NLB running their webroots off a shared NAS (To be more clear, they're using the exact same webroot on the NAS). We do a lot of deploys, to the point where any approach we can't automate really won't be viable.
What you need to do is temporary stop IIS from processing any incoming requests for that app, so you can copy the new files and then start it again. This will lead to a small downtime for your clients, but unless your website is mission critical, that shouldn't be that big of a problem.
ASP.NET has a feature that targets exactly this scenario. Basically, it boils down to temporarily creating a file named App_Offline.htm in the root of your webapp. Once the file is there, IIS will takedown the worker process for you app and unload any files in use. Once you copy over your files, you can delete the App_Offline.htm file and IIS will happily start churning again.
Note that while that file is there, IIS will serve its content as a response to any requests to your webapp. So be careful what you put in the file. :-)
Another solution is IIS Programmatic Administration.
Then you can copy your new/updated web to an alternative directory then switch the IIS root of your webapp to this alternative directory. Then you don't matter if files are locked in the original root. This a good solution for website availability.
However it requires some permission tuning...
You can do it via ADSI or WMI for IIS 6 or Microsoft.Web.Administration for IIS 7.
About your 2., note that WMI don't require administrator privileges as ADSI do. You can configure rights by objects. Check your WMI console (mmc).
Since you're already load balancing between 2 web servers, you can:
In the load balancer, take web server A offline, so only web server B is in use.
Deploy the updated site to web server A.
(As a bonus, you can do an extra test pass on web server A before it goes into production.)
In the load balancer, take B offline and put A online, so only web server A is in use.
Deploy the updated site to web server B.
(As a bonus, you can do an extra test pass on web server B before it goes into production.)
In the load balancer, put B back online. Now both web servers are upgraded and back in use in production.
List item
You could also try to modify the timestamp of web.config in the root folder before attempting to copy the files. This will unload the application and free used files.
Unless you're manually opening a handle to a file on your web server, IIS won't keep locks on your files.
Try shutting down other services that might be locking your files. Some examples of common services that do just that:
Windows Search
Google Desktop Search
Windows Backup
any other anti-virus or indexing software
We had the same server (2003) and the same problem. Certain dll's were being locked and putting the App_Offline.htm in the website root did jack diddly for us.
Solution:
File permissions!
We were using a web service which runs under the Network Service account or the IIS_WPG account to deploy updates to the web site. Thus it needed write access to all the files. I already knew this, and had already set the permissions on the directory a while ago. But for some strange reason, the necessary permissions were not set on this one problem dll. You should check the permissions not only on the directory, but on the problem file as well.
We gave Network Service and IIS_WPG users read/write access to the entire web root directory and that solved our file in use, file locked, timeout, and access denied issues.