Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

ASP.NET/IIS7.5 Writing Log File Not Working (Permissions, UAC, Config., ???)

We're having trouble migrating our ASP.NET applications to Windows Server 2008 R2 x64 and IIS7.5. The problem is that our ASP.NET apps write log files, and these log files are not being written. The only way the apps write their log files is if I'm logged into the server as the local Administrator user or if I right click and run IE as Run as Administrator, neither of which is an acceptable solution for us.

Our platform is: Windows Server 2008 R2 x64 (UAC setting is the default setting) IIS7.5 ASP.NET 4.0 (using Windows authentication and impersonation, both on in web.config)

Our app gets installed to: D:[appname] [appnameWebSite] (all the .aspx, .dll, etc. files are in here) \Log (the app tries to write the log file to this folder)

On the server: Created new App Pool (name: [appname], .NET 4.0, Managed Pipeline Mode: Classic, Identity: ApplicationPoolIdentity, Load User Profile: False, all other properties are the defaults) Created IIS application pointing to D:[appname][appnameWebSite] and added it the the new App Pool (Full trust level) Have a domain user in local Administrators group

With all the configuration and default settings listed above, the ASP.NET app will not write the log file. The app appears to work fine in the browser, but no log.txt file.

To try to "fix" this issues, we've tried many things: Tried Application Pool setting: Managed Pipeline Mode: Integrated Tried Application Pool setting: Identity: NetworkService Tried Application Pool setting: Identity: LocalSystem Tried Application Pool setting: Load User Profile: True Gave Users group full control to file system for our application folder structure (tried appname folder, tried Log folder only, tried appnameWebSite and Log folders only) Gave IIS AppPool[appname] (matching the new App Pool) user full control to file system for our application folder structure (tried appname folder, tried Log folder only, tried appnameWebSite and Log folders only)

None of these things helped. Again, the app would run fine, just no log file created.

As mentioned above, the only way that the log file is created when the app runs is if we log into the server using the local Administrator account (which makes sense since he's a super user) or if we run IE as administrator and elevate privileges.

Any suggestions? Help? Questions?

Thanks!

like image 691
lmttag Avatar asked May 12 '11 22:05

lmttag


1 Answers

Well, after days of trying every IIS option, user and group accounts, file system permissions, Process Explorer, etc., I think we got it working:

  • We reset all our IIS app pool and web site settings to their default values
  • We also reset the folder/file system permissions on our Log folder to the default settings
  • Then we turned off Internet Explorer Enhanced Security Configuration on the server

And success! The log file is written as expected no matter what user is using the ASP.NET application, and no matter if they're running it on the server itself or from a workstation.

I don't know if turning off Internet Explorer Enhanced Security Configuration on the server is the "correct" thing to do or if it violates any best practices, but it seems to work for us.

Does anyone have anything to add?

like image 106
lmttag Avatar answered Sep 23 '22 04:09

lmttag