Common Issue: Permission problems when using remote content
We have had a number of customers run into problems when trying to store their ASP.NET content on a remote machine, whether that is just a UNC path from the web server or a DFS share. I want to talk about the issues and how to resolve them, to help others who may want to do this.
Here is a list of some of the more common issues that we see:
- .NET Framework 3.5 SP1 allows managed code to be launched from a network share! More info here and here.
- FIX: Cannot Compile Code-Behind Files That Use Src Attribute on a UNC
- For impersonation:
  - "If the application resides on a UNC share, ASP.NET always impersonates the IIS UNC token to access that share unless a configured account is used. If you provide an explicitly configured account, ASP.NET uses that account in preference to the IIS UNC token."
  - That is from: ASP.NET Impersonation
- FIX: ASP.NET 2.0-connected applications on a Web site may appear to stop responding
- You may receive one or more error messages when you try to access an ASP.NET application that is hosted by using pass-through authentication in a UNC virtual directory in Internet Information Services 6.0
- If the worker process is running under NETWORK_SERVICE, it won't be able to authenticate on a remote server such as a NAS, so it needs to run as a domain account that can access such shares. This also applies to a DFS share.
- Double Hop and ASP.NET - a workaround. - Miscellaneous Debris / nunos's Blog - Concerning the credentials double hop issue
- Hosting IIS with UNC content - Network BIOS commands and other errors
Another problem you may see is this error:
Server Application unavailable
Event Type: Error
Event Source: ASP.NET 2.0.50727.0
Event Category: None
Event ID: 1088
Date: 4/28/2008
Time: 1:11:07 PM
User: N/A
Computer: TEST
Description:
Failed to execute request because the App-Domain
could not be created. Error: 0x8013150a
For more information, see Help and Support Center at https://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: ASP.NET 2.0.50727.0
Event Category: None
Event ID: 1334
Date: 4/28/2008
Time: 1:06:45 PM
User: N/A
Computer: TEST
Description:
Failed to initialize the AppDomain:/LM/W3SVC/894523/Root
Exception: System.Security.SecurityException
Message: Request for the permission of type 'System.Web.AspNetHostingPermission,
System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
StackTrace: at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache)
at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(String assemblyName, String typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, Evidence securityInfo, StackCrawlMark& stackMark)
at System.Activator.CreateInstance(String assemblyName, String typeName)
at System.AppDomain.CreateInstance(String assemblyName, String typeName)
at System.AppDomain.CreateInstance(String assemblyName, String typeName)
at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironment(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironmentAndReportErrors(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
For more information, see Help and Support Center at https://go.microsoft.com/fwlink/events.asp.
To fix this, add the path of the UNC share to the MyComputer zone and make sure it has FullTrust. You can see more about CAS (Code Access Security) and ASP.NET at How to Use CAS with ASP.NET.
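As an added example (not from the original post), the FullTrust grant can be applied with caspol.exe, the tool one of the commenters below reports using. The share path, the group name, and the choice to attach a URL-scoped code group under the machine policy root (label 1 in default policy) are assumptions; scoping the grant to the one content share keeps it narrower than trusting a whole zone.

```powershell
# Added example. Run from an elevated prompt on the web server.
# Assumed values: replace with your own content share and group name.
$ContentShare = '\\fileserver01\webcontent'   # hypothetical UNC root holding the site
$GroupName    = 'AspNetUncContent'            # hypothetical code group name
$Url          = "file://$ContentShare\*"      # URL membership condition: this share only

# CAS policy is stored per runtime version and per bitness. The events above come
# from ASP.NET 2.0.50727, so update that runtime's 32-bit and 64-bit machine policy.
$caspolPaths = 'Framework', 'Framework64' |
    ForEach-Object { Join-Path $env:windir "Microsoft.NET\$_\v2.0.50727\caspol.exe" } |
    Where-Object { Test-Path $_ }

foreach ($caspol in $caspolPaths) {
    # -m = machine policy level, -ld = list code group names and descriptions.
    $groups = & $caspol -m -ld
    if ($groups -match [regex]::Escape($GroupName)) {
        Write-Host "Code group '$GroupName' already present in $caspol"
        continue
    }

    # -q suppresses the confirmation prompt. Parent label 1 is the root code group
    # (All_Code) in default policy; the new child matches only code loaded from $Url.
    & $caspol -q -m -ag 1 -url $Url FullTrust -name $GroupName
    if ($LASTEXITCODE -ne 0) { throw "caspol failed ($LASTEXITCODE): $caspol" }

    # Confirm the group exists before restarting the application.
    if (-not ((& $caspol -m -ld) -match [regex]::Escape($GroupName))) {
        throw "Code group '$GroupName' not found after add: $caspol"
    }
    Write-Host "Granted FullTrust to $Url via $caspol"
}
```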
Comments
Anonymous
August 27, 2008
Great Post. I have run into similar issues after I installed .NET 3.5 SP1. I received Event ID 1088, Error Code 0x80131501 followed by the Event ID 1334 as described below:
Failed to initialize the AppDomain:/LM/W3SVC/1130554000/Root
Exception: System.SystemException
Message: Failed to create AppDomain.
StackTrace: at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironment(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironmentAndReportErrors(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
InnerException: System.ArgumentException
Message: The UNC path should be of the form \\server\share.
StackTrace: at System.Security.Policy.PolicyLevel.GenericResolve(Evidence evidence, Boolean& allConst)
at System.Security.Policy.PolicyLevel.Resolve(Evidence evidence, Int32 count, Char[] serializedEvidence)
at System.Security.PolicyManager.CodeGroupResolve(Evidence evidence, Boolean systemPolicy)
at System.Security.PolicyManager.ResolveHelper(Evidence evidence)
at System.Security.HostSecurityManager.ResolvePolicy(Evidence evidence)
at System.Security.PolicyManager.Resolve(Evidence evidence)
at System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission)
at System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission)
at System.AppDomain.nSetupDomainSecurity(Evidence appDomainEvidence, IntPtr creatorsSecurityDescriptor, Boolean publishAppDomain)
at System.AppDomain.SetDomainManager(Evidence providedSecurityInfo, Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor, Boolean publishAppDomain)
at System.AppDomain.InternalRemotelySetupRemoteDomainHelper(Object[] args)
at System.Threading.Thread.CompleteCrossContextCallback(InternalCrossContextDelegate ftnToCall, Object[] args)
at System.AppDomain.nCreateDomain(String friendlyName, AppDomainSetup setup, Evidence providedSecurityInfo, Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor)
at System.AppDomain.CreateDomain(String friendlyName, Evidence securityInfo, AppDomainSetup info)
at System.Web.Hosting.ApplicationManager.CreateAppDomainWithHostingEnvironment(String appId, IApplicationHost appHost, HostingEnvironmentParameters hostingParameters)
Do you have any clue how to fix this? Thank you in advance
Anonymous
August 28, 2008
Franco, check what user you are running under now. Maybe installing that set it back to the default and it is running under a local account now that doesn't have permission.
Anonymous
August 28, 2008
Hi Tom, after checking the application pool, the identity is still Network Services.
Anonymous
September 10, 2008
Fixed the AspNetHostingPermission error with caspol (+reboot) using this article: http://blogs.msdn.com/shawnfa/archive/2004/12/30/344554.aspx
And fixed the following "Failed to start monitoring changes to 'W:......' because the network BIOS command limit has been reached. For more information on this error, please refer to Microsoft knowledge base article 810886. Hosting on a UNC share is not supported for the Windows XP Platform" error (on my Vista(!) machine) using this article: http://support.microsoft.com/kb/810886/en-us
I set MaxCmds to 100 (+ reboot).
Notes
The reboots are really necessary (I rebooted after each step but 1 reboot might also suffice).
You don't need to turn File Change Notifications (FCN) off as suggested here: http://channel9.msdn.com/forums/TechOff/65291-Network-BIOS-command-limit/#CommentID=390454
Anonymous
September 11, 2008
This didn't work for my co-worker using XP. But it did help to set FCNMode to 2 (less monitoring objects) on his machine. Hope this helps some of you.
Anonymous
September 12, 2008
Thanks KD