IIS Virtual Directory Create Failure in Web Service :(

Eskimo · Eskimo

System.UnauthorizedAccessException: Access is denied.
at System.DirectoryServices.Interop.IAds.SetInfo()
at System.DirectoryServices.DirectoryEntry.CommitChan ges()
at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create

....

tried on the local development box and it had issues like this

until I gave permissions like described in Article ID 329986, scroll down,
Method A.

It is a double hop as I did the test at the bottom in the Quick Test section.

Code snippets:

Web.config for web service having the error shown above...

<identity impersonate="true" />
....

SCHEMA= "IIsWebVirtualDir";
mRootSubPath = "/W3SVC/1/Root";

....

DirectoryEntry deRoot= new DirectoryEntry("IIS://" + "localhost"
+ mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);

....

if (Directory.Exists("c:\temp\Eskimo\") == false)
{

Directory.CreateDirectory("c:\temp\Eskimo\");

}

deRoot.RefreshCache();

DirectoryEntry deNewVDir =
deRoot.Children.Add("Eskimo",mSchema);

deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");

....
deNewVDir.Properties["AccessRead"][0] =true;
deNewVDir.Properties["AccessWrite"][0] = true;
deNewVDir.Properties["AccessExecute"][0] = true;
deNewVDir.Properties["AuthAnonymous"][0] = false;
deNewVDir.Properties["AuthBasic"][0] = false;
deNewVDir.Properties["AuthNTLM"][0] = true;
deNewVDir.Properties["ContentIndexed"][0] = false;
deNewVDir.Properties["EnableDirBrowsing"][0] = true;
...
deNewVDir.Invoke("AppCreate",true);

deNewVDir.CommitChanges();
deRoot.CommitChanges();

deNewVDir.Close();

deRoot.Close();
....

Now: in a windows application it works great! I have a DLL project and a
windows app test project and the web service accessing the DLL project.
In a web service I get the error listed above... :(

--
tym, Eskimo

Daniel Fisher\(lennybacon\) · Daniel Fisher\(lennybacon\)

You get the error because a WindowsApplication runs under the CodeGroup
My_Computer_Zone, WebServices and WebApplications run under
LocalIntranet_Zone. It's a CodeAccessSecurity issue.

Try to add an assembly with the code to the GAC, write a wrapper for the GAC
assembly and deploy it to the bin directory of the WebService and call the
methods of the wrapper from the assembly of your solution (WebService).

--
Daniel Fisher(lennybacon)
MCP ASP.NET C#
Blog: [url]http://www.lennybacon.com/[/url]

"Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
news:A6D68D60-6B23-414D-B4C2-6798FFD0C76B@microsoft.com...

>
> System.UnauthorizedAccessException: Access is denied.
> at System.DirectoryServices.Interop.IAds.SetInfo()
> at System.DirectoryServices.DirectoryEntry.CommitChan ges()
> at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create
>
> ...
>
> tried on the local development box and it had issues like this
>
> until I gave permissions like described in Article ID 329986, scroll down,
> Method A.
>
> It is a double hop as I did the test at the bottom in the Quick Test
> section.
>
>
>
> Code snippets:
>
> Web.config for web service having the error shown above...
>
> <identity impersonate="true" />
> ...
>
> SCHEMA= "IIsWebVirtualDir";
> mRootSubPath = "/W3SVC/1/Root";
>
> ...
>
> DirectoryEntry deRoot= new DirectoryEntry("IIS://" +
> "localhost"
> + mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);
>
> ...
>
> if (Directory.Exists("c:\temp\Eskimo\") == false)
> {
>
> Directory.CreateDirectory("c:\temp\Eskimo\");
>
> }
>
> deRoot.RefreshCache();
>
> DirectoryEntry deNewVDir =
> deRoot.Children.Add("Eskimo",mSchema);
>
> deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");
>
> ...
> deNewVDir.Properties["AccessRead"][0] =true;
> deNewVDir.Properties["AccessWrite"][0] = true;
> deNewVDir.Properties["AccessExecute"][0] = true;
> deNewVDir.Properties["AuthAnonymous"][0] = false;
> deNewVDir.Properties["AuthBasic"][0] = false;
> deNewVDir.Properties["AuthNTLM"][0] = true;
> deNewVDir.Properties["ContentIndexed"][0] = false;
> deNewVDir.Properties["EnableDirBrowsing"][0] = true;
> ...
> deNewVDir.Invoke("AppCreate",true);
>
> deNewVDir.CommitChanges();
> deRoot.CommitChanges();
>
> deNewVDir.Close();
>
> deRoot.Close();
> ...
>
> Now: in a windows application it works great! I have a DLL project and a
> windows app test project and the web service accessing the DLL project.
> In a web service I get the error listed above... :(
>
> --
> tym, Eskimo

Eskimo · Eskimo

?????

It's installed on a win 2003 server with a web installation project. It
works fine on the dev box, not on the server <grrr - code fix? />

as such - it's in the gac! the dll project is just that - a dll referenced
via the web service. the windows app hits the same dll project.

code example please of the "hello world" web service for what you're
suggesting :)

"Daniel Fisher(lennybacon)" wrote:

> You get the error because a WindowsApplication runs under the CodeGroup
> My_Computer_Zone, WebServices and WebApplications run under
> LocalIntranet_Zone. It's a CodeAccessSecurity issue.
>
> Try to add an assembly with the code to the GAC, write a wrapper for the GAC
> assembly and deploy it to the bin directory of the WebService and call the
> methods of the wrapper from the assembly of your solution (WebService).
>
> --
> Daniel Fisher(lennybacon)
> MCP ASP.NET C#
> Blog: [url]http://www.lennybacon.com/[/url]
>
>
> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
> news:A6D68D60-6B23-414D-B4C2-6798FFD0C76B@microsoft.com...

> >
> > System.UnauthorizedAccessException: Access is denied.
> > at System.DirectoryServices.Interop.IAds.SetInfo()
> > at System.DirectoryServices.DirectoryEntry.CommitChan ges()
> > at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create
> >
> > ...
> >
> > tried on the local development box and it had issues like this
> >
> > until I gave permissions like described in Article ID 329986, scroll down,
> > Method A.
> >
> > It is a double hop as I did the test at the bottom in the Quick Test
> > section.
> >
> >
> >
> > Code snippets:
> >
> > Web.config for web service having the error shown above...
> >
> > <identity impersonate="true" />
> > ...
> >
> > SCHEMA= "IIsWebVirtualDir";
> > mRootSubPath = "/W3SVC/1/Root";
> >
> > ...
> >
> > DirectoryEntry deRoot= new DirectoryEntry("IIS://" +
> > "localhost"
> > + mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);
> >
> > ...
> >
> > if (Directory.Exists("c:\temp\Eskimo\") == false)
> > {
> >
> > Directory.CreateDirectory("c:\temp\Eskimo\");
> >
> > }
> >
> > deRoot.RefreshCache();
> >
> > DirectoryEntry deNewVDir =
> > deRoot.Children.Add("Eskimo",mSchema);
> >
> > deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");
> >
> > ...
> > deNewVDir.Properties["AccessRead"][0] =true;
> > deNewVDir.Properties["AccessWrite"][0] = true;
> > deNewVDir.Properties["AccessExecute"][0] = true;
> > deNewVDir.Properties["AuthAnonymous"][0] = false;
> > deNewVDir.Properties["AuthBasic"][0] = false;
> > deNewVDir.Properties["AuthNTLM"][0] = true;
> > deNewVDir.Properties["ContentIndexed"][0] = false;
> > deNewVDir.Properties["EnableDirBrowsing"][0] = true;
> > ...
> > deNewVDir.Invoke("AppCreate",true);
> >
> > deNewVDir.CommitChanges();
> > deRoot.CommitChanges();
> >
> > deNewVDir.Close();
> >
> > deRoot.Close();
> > ...
> >
> > Now: in a windows application it works great! I have a DLL project and a
> > windows app test project and the web service accessing the DLL project.
> > In a web service I get the error listed above... :(
> >
> > --
> > tym, Eskimo

>
>
>

Joe Kaplan \(MVP - ADSI\) · Joe Kaplan \(MVP - ADSI\)

Actually, it would have been a SecurityException if it was related to CAS.
This was the Windows security error that we were previously discussing.
Also, it is more typical for web applications to run with Full Trust.
Downloaded controls tend to run in partial trust, but that wasn't being
discussed here.

Joe K.

"Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
news:2E7CA37B-3AE3-4E9B-BBDB-D719115EE0F8@microsoft.com...

> ?????
>
> It's installed on a win 2003 server with a web installation project. It
> works fine on the dev box, not on the server <grrr - code fix? />
>
> as such - it's in the gac! the dll project is just that - a dll
> referenced
> via the web service. the windows app hits the same dll project.
>
> code example please of the "hello world" web service for what you're
> suggesting :)
>
> "Daniel Fisher(lennybacon)" wrote:
>

>> You get the error because a WindowsApplication runs under the CodeGroup
>> My_Computer_Zone, WebServices and WebApplications run under
>> LocalIntranet_Zone. It's a CodeAccessSecurity issue.
>>
>> Try to add an assembly with the code to the GAC, write a wrapper for the
>> GAC
>> assembly and deploy it to the bin directory of the WebService and call
>> the
>> methods of the wrapper from the assembly of your solution (WebService).
>>
>> --
>> Daniel Fisher(lennybacon)
>> MCP ASP.NET C#
>> Blog: [url]http://www.lennybacon.com/[/url]
>>
>>
>> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
>> news:A6D68D60-6B23-414D-B4C2-6798FFD0C76B@microsoft.com...

>> >
>> > System.UnauthorizedAccessException: Access is denied.
>> > at System.DirectoryServices.Interop.IAds.SetInfo()
>> > at System.DirectoryServices.DirectoryEntry.CommitChan ges()
>> > at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create
>> >
>> > ...
>> >
>> > tried on the local development box and it had issues like this
>> >
>> > until I gave permissions like described in Article ID 329986, scroll
>> > down,
>> > Method A.
>> >
>> > It is a double hop as I did the test at the bottom in the Quick Test
>> > section.
>> >
>> >
>> >
>> > Code snippets:
>> >
>> > Web.config for web service having the error shown above...
>> >
>> > <identity impersonate="true" />
>> > ...
>> >
>> > SCHEMA= "IIsWebVirtualDir";
>> > mRootSubPath = "/W3SVC/1/Root";
>> >
>> > ...
>> >
>> > DirectoryEntry deRoot= new DirectoryEntry("IIS://" +
>> > "localhost"
>> > + mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);
>> >
>> > ...
>> >
>> > if (Directory.Exists("c:\temp\Eskimo\") == false)
>> > {
>> >
>> > Directory.CreateDirectory("c:\temp\Eskimo\");
>> >
>> > }
>> >
>> > deRoot.RefreshCache();
>> >
>> > DirectoryEntry deNewVDir =
>> > deRoot.Children.Add("Eskimo",mSchema);
>> >
>> >
>> > deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");
>> >
>> > ...
>> > deNewVDir.Properties["AccessRead"][0] =true;
>> > deNewVDir.Properties["AccessWrite"][0] = true;
>> > deNewVDir.Properties["AccessExecute"][0] = true;
>> > deNewVDir.Properties["AuthAnonymous"][0] = false;
>> > deNewVDir.Properties["AuthBasic"][0] = false;
>> > deNewVDir.Properties["AuthNTLM"][0] = true;
>> > deNewVDir.Properties["ContentIndexed"][0] = false;
>> > deNewVDir.Properties["EnableDirBrowsing"][0] = true;
>> > ...
>> > deNewVDir.Invoke("AppCreate",true);
>> >
>> > deNewVDir.CommitChanges();
>> > deRoot.CommitChanges();
>> >
>> > deNewVDir.Close();
>> >
>> > deRoot.Close();
>> > ...
>> >
>> > Now: in a windows application it works great! I have a DLL project and
>> > a
>> > windows app test project and the web service accessing the DLL project.
>> > In a web service I get the error listed above... :(
>> >
>> > --
>> > tym, Eskimo

>>
>>
>>

Eskimo · Eskimo

So where do you assign a web service full trust? and the underlying dll's ?

"Joe Kaplan (MVP - ADSI)" wrote:

> Actually, it would have been a SecurityException if it was related to CAS.
> This was the Windows security error that we were previously discussing.
> Also, it is more typical for web applications to run with Full Trust.
> Downloaded controls tend to run in partial trust, but that wasn't being
> discussed here.
>
> Joe K.
>
> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
> news:2E7CA37B-3AE3-4E9B-BBDB-D719115EE0F8@microsoft.com...

> > ?????
> >
> > It's installed on a win 2003 server with a web installation project. It
> > works fine on the dev box, not on the server <grrr - code fix? />
> >
> > as such - it's in the gac! the dll project is just that - a dll
> > referenced
> > via the web service. the windows app hits the same dll project.
> >
> > code example please of the "hello world" web service for what you're
> > suggesting :)
> >
> > "Daniel Fisher(lennybacon)" wrote:
> >

> >> You get the error because a WindowsApplication runs under the CodeGroup
> >> My_Computer_Zone, WebServices and WebApplications run under
> >> LocalIntranet_Zone. It's a CodeAccessSecurity issue.
> >>
> >> Try to add an assembly with the code to the GAC, write a wrapper for the
> >> GAC
> >> assembly and deploy it to the bin directory of the WebService and call
> >> the
> >> methods of the wrapper from the assembly of your solution (WebService).
> >>
> >> --
> >> Daniel Fisher(lennybacon)
> >> MCP ASP.NET C#
> >> Blog: [url]http://www.lennybacon.com/[/url]
> >>
> >>
> >> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
> >> news:A6D68D60-6B23-414D-B4C2-6798FFD0C76B@microsoft.com...
> >> >
> >> > System.UnauthorizedAccessException: Access is denied.
> >> > at System.DirectoryServices.Interop.IAds.SetInfo()
> >> > at System.DirectoryServices.DirectoryEntry.CommitChan ges()
> >> > at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create
> >> >
> >> > ...
> >> >
> >> > tried on the local development box and it had issues like this
> >> >
> >> > until I gave permissions like described in Article ID 329986, scroll
> >> > down,
> >> > Method A.
> >> >
> >> > It is a double hop as I did the test at the bottom in the Quick Test
> >> > section.
> >> >
> >> >
> >> >
> >> > Code snippets:
> >> >
> >> > Web.config for web service having the error shown above...
> >> >
> >> > <identity impersonate="true" />
> >> > ...
> >> >
> >> > SCHEMA= "IIsWebVirtualDir";
> >> > mRootSubPath = "/W3SVC/1/Root";
> >> >
> >> > ...
> >> >
> >> > DirectoryEntry deRoot= new DirectoryEntry("IIS://" +
> >> > "localhost"
> >> > + mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);
> >> >
> >> > ...
> >> >
> >> > if (Directory.Exists("c:\temp\Eskimo\") == false)
> >> > {
> >> >
> >> > Directory.CreateDirectory("c:\temp\Eskimo\");
> >> >
> >> > }
> >> >
> >> > deRoot.RefreshCache();
> >> >
> >> > DirectoryEntry deNewVDir =
> >> > deRoot.Children.Add("Eskimo",mSchema);
> >> >
> >> >
> >> > deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");
> >> >
> >> > ...
> >> > deNewVDir.Properties["AccessRead"][0] =true;
> >> > deNewVDir.Properties["AccessWrite"][0] = true;
> >> > deNewVDir.Properties["AccessExecute"][0] = true;
> >> > deNewVDir.Properties["AuthAnonymous"][0] = false;
> >> > deNewVDir.Properties["AuthBasic"][0] = false;
> >> > deNewVDir.Properties["AuthNTLM"][0] = true;
> >> > deNewVDir.Properties["ContentIndexed"][0] = false;
> >> > deNewVDir.Properties["EnableDirBrowsing"][0] = true;
> >> > ...
> >> > deNewVDir.Invoke("AppCreate",true);
> >> >
> >> > deNewVDir.CommitChanges();
> >> > deRoot.CommitChanges();
> >> >
> >> > deNewVDir.Close();
> >> >
> >> > deRoot.Close();
> >> > ...
> >> >
> >> > Now: in a windows application it works great! I have a DLL project and
> >> > a
> >> > windows app test project and the web service accessing the DLL project.
> >> > In a web service I get the error listed above... :(
> >> >
> >> > --
> >> > tym, Eskimo
> >>
> >>
> >>

>
>
>

Joe Kaplan \(MVP - ADSI\) · Joe Kaplan \(MVP - ADSI\)

In your case, you already have Full Trust. You can't even call
System.DirectoryServices.dll without it because it doesn't allow partially
trusted callers at all. So that isn't really important for the original
issue you were asking about. That is strictly an issue with Windows
security.

However, to modify CAS policy for a web application, you modify the
<securityPolicy> element in web.config.

Joe K.

"Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
news:FE26B6EE-BC1E-4FCB-BF86-BE87BF38FF59@microsoft.com...

> So where do you assign a web service full trust? and the underlying dll's
> ?
>
>
>
> "Joe Kaplan (MVP - ADSI)" wrote:
>

>> Actually, it would have been a SecurityException if it was related to
>> CAS.
>> This was the Windows security error that we were previously discussing.
>> Also, it is more typical for web applications to run with Full Trust.
>> Downloaded controls tend to run in partial trust, but that wasn't being
>> discussed here.
>>
>> Joe K.
>>
>> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
>> news:2E7CA37B-3AE3-4E9B-BBDB-D719115EE0F8@microsoft.com...

>> > ?????
>> >
>> > It's installed on a win 2003 server with a web installation project.
>> > It
>> > works fine on the dev box, not on the server <grrr - code fix? />
>> >
>> > as such - it's in the gac! the dll project is just that - a dll
>> > referenced
>> > via the web service. the windows app hits the same dll project.
>> >
>> > code example please of the "hello world" web service for what you're
>> > suggesting :)
>> >
>> > "Daniel Fisher(lennybacon)" wrote:
>> >
>> >> You get the error because a WindowsApplication runs under the
>> >> CodeGroup
>> >> My_Computer_Zone, WebServices and WebApplications run under
>> >> LocalIntranet_Zone. It's a CodeAccessSecurity issue.
>> >>
>> >> Try to add an assembly with the code to the GAC, write a wrapper for
>> >> the
>> >> GAC
>> >> assembly and deploy it to the bin directory of the WebService and call
>> >> the
>> >> methods of the wrapper from the assembly of your solution
>> >> (WebService).
>> >>
>> >> --
>> >> Daniel Fisher(lennybacon)
>> >> MCP ASP.NET C#
>> >> Blog: [url]http://www.lennybacon.com/[/url]
>> >>
>> >>
>> >> "Eskimo" <Eskimo@discussions.microsoft.com> wrote in message
>> >> news:A6D68D60-6B23-414D-B4C2-6798FFD0C76B@microsoft.com...
>> >> >
>> >> > System.UnauthorizedAccessException: Access is denied.
>> >> > at System.DirectoryServices.Interop.IAds.SetInfo()
>> >> > at System.DirectoryServices.DirectoryEntry.CommitChan ges()
>> >> > at CreateVirtualDirectories.Dal.CreateWebVirtualDirec tory.Create
>> >> >
>> >> > ...
>> >> >
>> >> > tried on the local development box and it had issues like this
>> >> >
>> >> > until I gave permissions like described in Article ID 329986, scroll
>> >> > down,
>> >> > Method A.
>> >> >
>> >> > It is a double hop as I did the test at the bottom in the Quick Test
>> >> > section.
>> >> >
>> >> >
>> >> >
>> >> > Code snippets:
>> >> >
>> >> > Web.config for web service having the error shown above...
>> >> >
>> >> > <identity impersonate="true" />
>> >> > ...
>> >> >
>> >> > SCHEMA= "IIsWebVirtualDir";
>> >> > mRootSubPath = "/W3SVC/1/Root";
>> >> >
>> >> > ...
>> >> >
>> >> > DirectoryEntry deRoot= new DirectoryEntry("IIS://" +
>> >> > "localhost"
>> >> > + mRootSubPath,winAcctId,winAcctPwd,AuthenticationTy pes.Secure);
>> >> >
>> >> > ...
>> >> >
>> >> > if (Directory.Exists("c:\temp\Eskimo\") == false)
>> >> > {
>> >> >
>> >> > Directory.CreateDirectory("c:\temp\Eskimo\");
>> >> >
>> >> > }
>> >> >
>> >> > deRoot.RefreshCache();
>> >> >
>> >> > DirectoryEntry deNewVDir =
>> >> > deRoot.Children.Add("Eskimo",mSchema);
>> >> >
>> >> >
>> >> > deNewVDir.Properties["Path"].Insert(0,"c:\temp\Eskimo\");
>> >> >
>> >> > ...
>> >> > deNewVDir.Properties["AccessRead"][0] =true;
>> >> > deNewVDir.Properties["AccessWrite"][0] = true;
>> >> > deNewVDir.Properties["AccessExecute"][0] = true;
>> >> > deNewVDir.Properties["AuthAnonymous"][0] = false;
>> >> > deNewVDir.Properties["AuthBasic"][0] = false;
>> >> > deNewVDir.Properties["AuthNTLM"][0] = true;
>> >> > deNewVDir.Properties["ContentIndexed"][0] = false;
>> >> > deNewVDir.Properties["EnableDirBrowsing"][0] = true;
>> >> > ...
>> >> > deNewVDir.Invoke("AppCreate",true);
>> >> >
>> >> > deNewVDir.CommitChanges();
>> >> > deRoot.CommitChanges();
>> >> >
>> >> > deNewVDir.Close();
>> >> >
>> >> > deRoot.Close();
>> >> > ...
>> >> >
>> >> > Now: in a windows application it works great! I have a DLL project
>> >> > and
>> >> > a
>> >> > windows app test project and the web service accessing the DLL
>> >> > project.
>> >> > In a web service I get the error listed above... :(
>> >> >
>> >> > --
>> >> > tym, Eskimo
>> >>
>> >>
>> >>

>>
>>
>>

IIS Virtual Directory Create Failure in Web Service :(

Thread Tools

Display

IIS Virtual Directory Create Failure in Web Service :(

Similar Questions and Discussions

IIS Virtual Directory Create Failure :(

Running XML Web Service from IIS Virtual Directory without creating application

can't create directory from web service

Create file in virtual directory

How to create a new Virtual Directory?

Re: IIS Virtual Directory Create Failure in Web Service :(

Re: IIS Virtual Directory Create Failure in Web Service :(

Re: IIS Virtual Directory Create Failure in Web Service :(

Re: IIS Virtual Directory Create Failure in Web Service :(

Re: IIS Virtual Directory Create Failure in Web Service :(

Posting Permissions