The online FAQ database contains hundreds of answers to frequently asked questions, articles on using our
web server applications and other related technologies, and resolutions to common problems. If you are seeing
an error message, be sure to try searching on the error message or error number that you are seeing.
|
| |
| |
| |
| |
|
What are file system permissions and why does the application need any changes to the permissions?
|
|
|
The file system permissions control what actions an installed web server application can perform on the server's hard disk. For an interactive web server application to do much that is useful, it sometimes needs to update or store some data. In order for it to do that, it has to be able to write this data to the disk someplace. If it cannot write data to disk, then it is impossible for the application to make any configuration changes, or when using a JET database, to store anything new in the database file.
For the application to function, it must have write permissions in a number of critical places. This varies slightly with each application, but the easiest description is to simply allow write permissions on all of the folders that the application is installed in. This will allow the application to properly make any configuration changes or save updates to log files and more.
The web server uses an internal user account on the web server called the anonymous user account. The anonymous user account is the account that the IIS web server impersonates when a public user comes to your web site. All of your site users appear to be this same anonymous user to the underlying Windows Server Operating System. The File System permissions are controlled and effected by the underlying operating system, not the IIS web server. So this is controlled by the same mechanisms that you use to manage filesystem permissions on a network, but only for this local server account.
The anonymous user account is created by default when IIS is installed on the Windows Server. By default, it will be named IUSR_MachineName, where "MachineName" is the network name of the web server. The easiest way to ensure that your server is configured properly is to make sure that the anonymous user account has full access permissions in all of the application folders and the folder that the MDB database file is stored in if you are using a JET database. For example, if you are using xcAuction, then these would be the auction, data, and membership folders. Or, if you are using xcClassified, then these would be the classifieds, data, and membership folders.
If your site is hosted with an ISP or other web host, you may not have the ability to make those permission changes. On some hosts that do allow you to do that yourself, they will normally provide you with some sort of Control Panel login where you can manage or make adjustments to your site settings. If your host does not provide that option for you, then you will need to contact your host support personnel for assistance making those changes.
Note: These are NTFS filesystem permissions. The filesystem permissions are not set or controlled by the IIS web server's administration tool. The IIS administration tool only affects the IIS server's access privileges which are completely independent of the underlying NTFS filesystem permissions. Enabling full access or write permissions for the IIS server's anonymous user account will not allow anyone to write files to the web server from their browser. That can be done only if you enable that functionality separately (we don't advise it on publicly accessable servers). These permissions only allow scripts or applications on the server to be able to fully read/write data on the web site.
|
|
|
|
| |
