We have a C# web application, and the latest deploy doesn't work on our Windows Small Business Server 2008 (IIS7). The exact copy of that site runs fine on my Windows 7 machine (IIS7.5). The previous version and other builds still work on the Server 2008 R2 machine, but this itteration doesn't.
I've checked the W3SVC logs, but no requests are logged. I've checked the eventlog for errors, but no errors are logged. I also checked in fiddler, but the request just doesn't get a response as far as I can tell (Result column remains -)
When you open the url, the browser will just keep loading (no timeout).
Is there anything else I can check or enable to debug this IIS7 behaviour?
Thanks in advance,
Nick.
UPDATE
I published the application again & created a new site in IIS, and this new version works. While my the immediate problem is solved at this time, I would still like to know how to debug IIS7, see how it works & why it would keep loading infinitely.
First, I would drop a regular .html file into the sites directory. Then I would have a browser request that specific static file. This would bypass the .net engine and should be logged.
If for some reason it doesn't work and/or isn't logged then there are other things to check, let us know.
Assuming that it does serve the file and you are pointing to the correct machine then inspect your global.asax file and remove any type of error handling you might have. Also turn off the custom errors section of your web.config. Both of which could result in the server essentially spinning off into nothingness if improperly coded. If you have any type of additional threads you are spinning up on access, then see if you can turn those off or add additional logging.
Next, look in the HTTPERR logs to see if you can identify what's going on. These are located at
%SystemRoot%\system32\LogFiles\HTTPERR\httperr*.log
Info about this log file is at: http://support.microsoft.com/default.aspx?scid=kb;en-us;820729
If your app uses ADO then there is chance that depending where the build occurred on Windows 7 or not and whether SP1 is installed or not (at the time of the build) that your build is broken by some Micorsoft ADO-update contained in SP1 (see http://www.codeproject.com/Articles/225491/Your-ADO-is-broken.aspx).
If no requests are logged in the W3SVC logs then it probably means that IIS is not recieving the request at all - likely due to firewall configuration or similar.
You should diagnose why IIS is unavailable (for example by attempting to serve some static content) and then try again.
Try these:
re-register asp.net runtime with your IIS7
make sure the asp.net extension for the correct version is set to Allowed in 'ISAPI and CGI restrictions' in your IIS
Related
I'm getting "Unable to start program http://localhost:[port] Access is denied." when I try to debug an ASP.NET MVC app. Here are some more details, some of which may not be relevant.
This is happening under a somewhat different context for this project. I recently obtained an elevated account on the network, so now I'm running VS 2017 (15.5.4) as Admin every time I start it so that I can access the TFS server. Previous to this, I had been working offline with my non-elevated account and passing code changes to another developer for him to check in to TFS. I am still logged on to the local PC (Windows 10) with my non-elevated account. I just start VS as an admin and when prompted enter the credentials for the elevated account.
This morning was the first time I ran VS under this new context, got the latest code, and tried to do some work. I had to delete an existing TFS workspace, but I did get a complete refresh of the code from TFS.
The first time I went to F5 the code in this new context I get a warning about the app using SSL and VS wanting to self-sign a certificate. I said yes. I forget exactly what happened at that point, I think the browser (Firefox) timed out trying to connect. Anyway, I tried a different browser (Chrome) and still no luck.
Yet now, whether I , +, , or , I very quickly get the message from above "Unable to start program..." I've done a lot of searching on this problem, but have had no success in getting close to a solution. Here's what I've tried:
Cleaned the build and done a fresh rebuild. Building works, no issues.
Use netsh to look for (and delete) URL reservation. There wasn't one.
Tried using a different port.
Deleted temporary asp.net files.
Turn JavaScript debugging option off in VS.
Crtl+F5, w/o debugger.
Turn SSL off for the project.
Checked, Windows Authentication is on in web.config.
Used Process Monitor to look for any "access denied" for either devenv.exe or iisexpress.exe
So what I'm hoping for here is not so much a silver bullet (though that would be great), but more some help in troubleshooting. Access denied means some resource--a file, a registry setting, a network share, something--is inaccessible in the context in which I'm running. Exactly what that is has got to be recorded somewhere, I hope. What log files does VS write to when you hit ? I've looked at the output during build and there's nothing there.
I'm sure I haven't exhausted all resources in troubleshooting this, I just need some help on where to look. Also, I had to leave that project/site and head to another, so I won't be able to try any ideas you all throw at me until tomorrow, at the earliest.
Please take a look at these answers in a similar question. From the list you provided it appears some of these may be new things to try for your case.
Specifically, I have run across the following answers in that linked question that have worked for me at various times in my career:
If you're using Anonymous Authentication, IIS 7 will use the "IUSR"
account for directory access (unless you've set it to use the app
pool identity. If you haven't granted IUSR sufficient permissions on
your site's folders and files, you'll get this error
For me in windows 7 it started to work only after I gave 'Read &
execute', 'List folder contents', 'Read' permissions to site folder
for both users
IUSR
NETWORK SERVICE
I had the same problem, I enabled "Anonymous Authentication" but it
still did not work. So I also ENABLED "Forms Authentication" Then it
worked without any problems. (also try windows auth)
For me, nothing worked except the following, which solved the
problem: open IIS, select the site, open Authentication (in the IIS
section), right click Anonymous Authentication and select Edit,
select Application Pool Identity.
I gave access to "IIS_IUser" but instead it should be "IUSR". That
solved the problem.
I have a very similar problem with yours and my architecture uses windows authentication and what works for me is selecting my project and going to properties. Then select "Enabled" on Windows Authentication.
So, I've been working on project that's making use of the Katana/Owin pipeline. And I'm trying to use Owin to serve static files securely. Now, when I run the project locally through VS, everything works perfectly fine.
However, when I deploy it to a server (Windows Server 2008 R2, IIS 7), IIS has decided that it'll be damned before it lets any dirty managed handler manage its static files. Even when I've removed the static file handler. Even when I've added my own handler for a specific path. Even when I've told it to run All Managed Modules For All Requests. And since the path that's being passed in is a virtual path, IIS of course craps out and dies and either spits out a 500 or a 404 error. I'm not entirely sure what causes it to spit out a 500 over a 404, but anytime the request is deeper than 1 directory deep it gives out a 500 over 404. (/Client/Content/Folder/static.html(404) vs /Client/Content/Folder/SubFolder/static.html (500))
I'm just not sure where to go from here, at all. Worse still, when I've deployed to my local IIS (not running it out of VS, that is.) it works perfectly. It respects the web.config, the Owin middleware handles the static requests perfectly, the security is in place. Everything is peachy. Granted I'm running IIS 8 express on my box, but I'm not convinced that that is it.
I'm going to post my comment as an answer since the more I think about it, the more sure I am that it could be the issue.
Check that all necessary asp.net and IIS features have been installed correctly via Programs and Features - do a comparison between your dev and server environments. I've experienced essentially the same issues as yourself and this was usually the reason.
If this isn't the reason, check the IIS settings/Application pool settings make sure they are the on dev and production environments.
I am trying without complete success to create a wso2 identity server on a windows server 2008 vm. I followed the online instructions and installed the pre-requisits (jre and jdk), downloaded the zip file, setup the environment variables, and ran the wso2server.bat file. There were a lot of errors.
I then realized I needed to add active directory role on the server, which I did. It still wouldn't install. I did some more online research which led me to believe I needed to install wso2 esb as well, which I did. I was able to get that install to work and was able to create a desktop app to consume the web services. All well and good. but then as part of the requirements they wanted to enable passive sts with an asp.net client (not really sure what that is), so I went back to the identity server and am still getting errors while running the bat file, though I an able to run the gui from the browser, but unable to log in.
The exception I am getting is :
TID: [0] [IS] [2013-10-07 10:34:58,746] ERROR {org.wso2.carbon.event.core.internal.builder.EventBrokerHandler} - Can not create the event broker {org.wso2.carbon.event.core.internal.builder.EventBrokerHandler} org.wso2.carbon.event.core.exception.EventBrokerConfigurationException: Can not access the user registry
in addition, I am also getting authentication errors on some of the esb web calls, but not all, and I would also like to know how to change from the default user store (ldap or ad or whatever it is) to sql server.
I have seen a few examples for doing it with mysql and oracle, but not sql server, specific product information is sometimes challenging to find.
Any help would be greatly appreciated.
Thanks. Mike
I am bin deploying a MVC 3 site... it works fine on our 'Staging' server, which "theoretically" mirrors our "QA" server. However, when deployed to QA, it just gives a 500 error when trying to access it from the web browser. We've turned detailed errors on in the web.config, turning off friendly http errors in IE, but nothing.
Any suggestions on what we might check for? I've already verified that .NET 4 Client & .NET 4 Extended are installed on the server. I need to compile a checklist of possibilities. Scratching my head hard on this one...
UPDATE:
I noticed one oddity here, running the powershell command:
test-path "$<Env:ProgramFiles(x86)>\Microsoft ASP.NET"
returns false. As I said before, .NET 4 (Client & Extended) are installed, but nothing else. I find this a little suspect...
Log into the server's desktop and open the web-site from the browser there. You should then see the actual exception details.
This is going to take some troubleshooting on your part.
But, I would check the following, it sounds like it involves one of these guys:
web.config
machine.config
make sure all .dlls are installed (check the GAC)
make sure your IIS pool isn't wrong version
These are only a few off the top of my head. Hope it helps.
Agree with #Andrew, knowing the exception would really help.
Just to make sure, you've tried setting the customErrors element in your web.config to Off right? This way the exception details will show everywhere instead of a HTTP 500.
Try changing the AppPool that your site uses is set to .NET 4 Integrated
You could also try running aspnet_regiis.exe to re-register .NET with IIS.
This sounds like customErrors and httpErrors setting issue. Also check IIS permission/trust levels are configured properly.
Environment:
win2003 running IIS6 serving asp pages that call delphi code.
Delphi code contacts a c# webservice for which it needs to login (login.asmx). Webservice logs show login is successful. Debug results show that Context.User.Identity.IsAuthenticated returns true.
After login, delphi code doublechecks if it is still authenticated. Webservice returns false -> Context.User.Identity.IsAuthenticated returns false.
Our guess: authentication cookie received by delphi code running under IIS6 credentials (network service?) does not get saved to disk, so login is lost.
Filemon shows 'C:\WINDOWS\Temp\Temporary Internet Files' access denied. Giving IIS6 user admin rights on that folder fixes the problem, but is not acceptable since cookies should work by default.
Running IIS6 in IIS5 compatibility mode fixes the problem, but is also not preferred
Wanted solution: exact cause of problem and smallest modification possible in configuration (giving admin rights to IUSR is not an option)
Cookies do work by default, but you have to have somewhere to store them. If you don't want to give access to the normal place where they are stored, then you will need to set up another directory that you can give rights to and set it up as the internet cache for the IIS6 user.
A couple quick resources that may help, given that for this type of problem you have a fairly large number of potential issues, see this.
One important difference between IIS5 and IIS6 is that Windows 2003 underwent a significant security lockdown with the SP1 update. There are a very large number of things that worked for Windows 2000 that just will not in 2003 (and should not have - they opened the door to all sorts of shenanigans). Trying to track down all the places where IIS6 locked stuff down might be challenging, instead I would use the above resource to track down the common issues people are running into with IIS6.