Text file access error when copied from IIS non secured port to secured port, any sugestions would be helpful

Hari Dodda 1 Reputation point
2023-01-06T10:13:51.673+00:00

I am copying a text file generated in IIS non secured port to secured port, while reading/writing to that text file, getting file read/write access error, any suggestions? enter image description here276816-code.png

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,755 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
11,237 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Zhi Lv - MSFT 32,846 Reputation points Microsoft Vendor
    2023-01-09T02:51:50.623+00:00

    Hi @Hari Dodda ,

    For the access error, you can refer to my reply in this thread:

    For the web application, when host on IIS and remote server, we may be impersonating a user profile, running under a non-standard user account for the application pool (that is, not NETWORK SERVICE) or explicitly writing the file on a thread that’s running on a different user account. So, when access the folder, it might receive the Access to the path 'C:\public_html\Images' is denied error.

    Looking at the user permissions for C: it’s clear that no special permissions have been granted for the web user. Thus, our task is first and foremost to identify the user that’s trying to write the file.

    You can try to use the Process Monitor to show real-time file system, Registry and process/thread activity, then you’ll be able to see the exact user account that tried to perform the denied action. After that you can granting it NTFS write rights to the C: directory.

    For example, I create a MVC application and use the following code to write text to a txt file,

        public IActionResult Privacy()  
        {  
            System.IO.File.WriteAllText(@"C:\Test.txt", "Hello world!");  
            return View();  
        }  
    

    After hosting the application on IIS, when calling the Privacy method, it will show the Access to the path 'C:\Test.txt' is denied error.

    Open the Process Monitor, enable the folder filter and click the cyan funnel icon to open up the filter editor window:

    258181-image.png

    Since we know IIS is running under the w3wp.exe process, we can add a filter that includes all events with a process name of w3wp.exe. As soon as we add an Include filter, all event that do not match an include filter are excluded.

    258151-image.png

    As we can see that, after hosting on IIS, when access the Test.txt file, the user is "IIS APPPOOL\website2".

    Then, we can go to the C drive properties window, and add the IIS APPPOOL\website2 user and granting it NTFS write rights to the C: directory

    258116-image.png

    And finally, we can run the website again and verify that we’ve now got proper permissions for writing the Test.txt file to the C: directory.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Dillion

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.