I am trying to Access mapped network drive from wcf service hosted on IIS7. It says path could not be found. However when I m using visual studio development server, it is able to access it. I have tried impersonation but of no avail. Please let me know what are the settings I have to set in IIS And also on File server if any. Thaks in Advance
http://support.microsoft.com/kb/257174
Drop that mapped drive approach and use UNC path instead.
I know this is an old post, but thought I'd share my solution. Had the same problem; couldn't access a network drive from my WCF running in IIS. I tried a virtual directory providing my network credentials which didn't work.
The solution that worked for me was to create an application pool in IIS for my service to run under. Then I gave the application pool network credentials. Changed my service to run inside this application pool and now the service can access the network share.
So my steps were:
1) Create a new application pool in IIS. Right-click 'Application Pools' in the Connections window. Then 'Add Application Pool...'. Give the new pool a name and choose the framework. I left the other settings as default. 'Ok'.
2) Change the identity of the new application pool. In the Application Pools list, right-click on your new pool and go to 'Advanced Settings'. Under 'Process Mode', open the 'Identity' details. Select 'Custom account:' then provide the network credentials that have access to the network share. Then 'Ok', 'Ok'.
3) Change the pool your service is running in. Select your service application then click 'Basic Settings...' (on the Actions pane). Click 'Select...' in the pop-up. Change the Application Pool to the new pool you created. Then 'Ok', 'Ok'.
Now your service should be able to access the network share using the supplied credentials. You can test using your credentials but I'd recommend using a service account (virtual account with no password reset policy) when you deploy your service.
Hope this helps others!
Related
This is my Azure configuration:
I have a Virtual Network with a couple of subnets and a gateway
configured to allow point-to-site.
There is one Virtual Machine with SQL Server (2014) installed. There
are some databases in there already. SQL Server is set up to allow
SQL Server and Windows Authentication mode. This VM is in the Virtual Network
I have an empty Azure Web App
I deployed my main MVC WebApp to the empty Azure Web App and looks good, except when it tries to retrieve information from the database.
Is it a connection string error? or there can be something else...
My connection string looks like this:
<add name="MyEntities" connectionString="metadata=res://*/Data.MyModel.csdl| res://*/Data.MyModel.ssdl| res://*/Data.MyModel.msl;provider=System.Data.SqlClient;
provider connection string="
data source=tcp:10.0.1.4;
initial catalog=MyDataBase;
persist security info=False;
user id=MySystemAdmin;
password=SystemAdminPassword;
multipleactiveresultsets=True;
App=EntityFramework""
providerName="System.Data.EntityClient" />
Here is the error thrown by the azure web app...
So it seems to be related to either the way I'm providing the connection string or the end-points/firewall configuration.
Check your connection string against this connection string for Entity Framework designer files (https://msdn.microsoft.com/en-us/data/jj556606.aspx#Connection)
Just from a quick glance I see two possible errors:
Semicolon missing added after provider=System.Data.SqlClient (the example on the page I provided the link to doesn't have one)
The IP address you specify to connect to is a local one (10.0.0.1) and should be the IP/DNS name of your database in Azure.
Not sure if this is the issue or if StackOverflow just clobbered your markup. In addition you talk about a lot of gateways so I would check to make sure you can talk between your systems. Finally posting error messages and capturing exceptions about what's actually going on will help diagnose the error because at this point it's all guesswork.
Hope that helps.
What the guys said above plus:
The Web App needs to have a hybrid connection to the VNET the VM is if you want to use the local IP address, otherwise you have to use the PIP.
Check the firewall on the VM if the proper ports are open. This has to be both on the VM firewall and the endpoints. Also, if there are any ACLs on the VM, you have to check those too.
The other answers gave me the guidelines to find out the solution.
I'll try to describe the steps I followed:
Using the new azure portal (portal.azure.com currently in preview) I
established a connection between the Azure Web App and the Virtual
network:
Home > Browse > Click on Azure Web App name
In the Azure Web App blade click on Networking tile
In Virtual Network blade, click on the Virtual Network where the database is located (it's important to mention that the Virtual Network ought to have a gateway previously configured)
My intention was to provide certain level of security to the VM with
the databases by placing it inside a Virtual Network, so I had not
considered opening ports. Turns out that it's necessary, so, in the VM:
I enabled the TCP/IP protocol for SQL Server using the Sql Server Configuration Manager (How to? here)
Then I created a new Inbound Rule opening the 1433 port, but only for private connections (very nice).
It was not necessary to create an endpoint in the VM for this port (very happy with this).
Finally, I published the the app to the Azure Web App using the connection strings as shown in the question (with internal database IP)
Final touch: in the new Azure Portal > Azure Web App > Settings, I was able to enter Connection Strings. Settings created in the portal are not overwritten; so now I'm sure this Azure Web App will always use the correct connection string.
Final note: in theory (not tested yet) the internal IP will not change as long as the VM is not Stopped (Deallocated).
I have developed a WCF service in visual studios on a machine which is on a domain network. I hosted it in IIS by first publishing to a folder. Then I created a new site on IIS, so I set the physical path to that folder that contains the published files. I browsed the new site and am able to access the service page.that is on the host machine. However, when I try accessing this on other computers within that network using the same address, it didn't open. I am able to access it only on the host machine. Please how can I make it accessible to other computers in the network and also generally on the internet. Am using impersonation set to true, with a specified username and password. I set the credentials on IIS to the same username and password...thanks... Expecting your solutions..
Can somebody help me.
I just developed a WCF Service Application on my pc, and everything works fine when I run it on localhost!
But now I want to host this project on my IIS7 where I already have a website. I would Like to host my WCF in this website, because I would like to use the same hostname and IP Address, is this possible ?? I dont know if I can Add a Application in the website or something like that.
If this is possible how can I do this???
Please Help me.
Yes, you can host your application in your IIS website, even if it has a website installed on it. You need to create a new application in that website.
First of all, you need to make sure your service has a .svc file that points to the location of the service, copy the contents of your App.Config (Service config file) to a new web.config (in the same physical directory as your App.config) and also remove the <host><baseAddresses> section in the newly created web.config, point the physical path of the application to the location of this service on your computer. Once that's taken care of, just be sure to edit the default website bindings to enable the specific bindings your service uses, for example if your service has netTcpBinding then go to: Website -> 'Edit Bindings...' -> 'Add...' then choose the applicable protocol and assign it the ports. Then on your application go to 'Advanced Settings' and enable the respective protocol, for example your netTcpBinding service will typically have http,net.tcp as it's enabled protocols. and you're set. If you run into teething errors make sure the default app pool (or which ever application pool your website is using) has the required permissions to access and read the physical directory on your computer in which the service resides.
I have this wierd problem on our Windows Server 2003, XP box running IIS 6.0. I have a WCF service deployed using an application pool identity. I am able to browse the svc file like this on that box,
http://localhost/servicename.svc
But when I do http://machinename/servicename.svc, it asks for credentials.
The website is configured for Anonymous access and Integrated Windows authentication.
I am really not sure what is wrong here, I have another machine that is a failover location for this box, where the same thing works fine with exactly same settings in IIS.
Make sure that the Application Pool identity has Read & Execute access on the files hosted by IIS (in other words, check the files at D:\path\to\site). Whether it's Network Service, a domain account, whatever.. it's going to need R&X permission.
What I'm guessing that's happening is that you're a local Admin on the server, so when you do it locally you're able to use your own local credentials to pull the site. But when you do it remotely, IIS must have access to these files - even if Anonymous access is enabled (otherwise, how can it load the files to serve the page to you?).
If you're still stumped, try using a program like filemon or procmon local on the server while making the request, and see what's getting Access Denied when you get a 401.
I have a WCF WSDualHttpBinding service. The service is contained in a WindowsService with account type LocalSystem.
The service is attempting to access a network file stored on another machine on the same network as the service, e.g. \\dataStoreMachine\\myshare\\fileToOpen.txt . If the service is running on dataStoreMachine (the same machine that stores the file), the file is opened succesfully. However, if the service is running on another machine in the network, the file is not found. Is this a permissions issue? I've given read permissions on the network share. Is there something that needs to be specified in the service bindings so it has the correct rights? The file can be browsed to from the machine running the service within win explorer, so I know the file is really at the location it's looking at it for.
Both machines on the network (a VMnet) are not on a specific domain, but have the same username, and blank passwords.
The LocalSystem account doesn't have any rights to network access. Assuming your servers are part of an ActiveDirectory domain, you should use the Network Service account to run the service. You'll need to give read permission for the share to the specific domain accounts assigned as the machine account of the servers. This is usually something like: YourDomain\MachineId123 where the MachineId123 is the actual machine name in the domain.
If you servers aren't in a domain, then you can use the synchronized passwords on identical local accounts technique. I would avoid this if at all possible because in the real world, it is very easily broken by a password change. Each server would have a local machine account named something like File123Shared and would have the same password as the same account on the other machines. You would run your service using that local account after configuring it to be able to run as a service and any other permissions it may need.