I have this web application that pulls its info from an Access database. This mdb file is located somewhere on the network. Now, the only access that I need to that file (from a user perspective) is read-only as I only extract and present information. I’m not going into details here but I even specified a read-only mode in the connection string.
Any attempt to create a connection to my database failed. You can see below the web application error and the Sysinternals FileMon capture I took while reproducing the issue.
It became pretty obvious that the account aspnet_wp.exe runs as MIRCEA\IUSR_MIRCEA and it is denied access to the ctel.mdb file.
I decided then to impersonate the ASP.net process aspnet_wp.exe under an account that I know has the required permissions. So, I added the following to the <system.web> section in web.config
<identity impersonate="true" userName="cteluser" password="cteluser"></identity>
Full of hope I fired up the application one more time expecting to finally see the page loading. Don’t hold your breath yet. The error I got is “better” than the previous one.
Didn’t I tell you. This is the kind of error that can make you leave everything and go to bed hoping that tomorrow it will go away by itself. What should I do? … FileMon, of course.
So, aspnet_wp.exe is again denied access, to a “Temp” folder this time. This is a folder in the folder of the Windows machine profile. Once I went ahead and gave write permissions to “cteluser” on that folder I was able finally to run my web application. Remember the cteluser is the user that aspnet_wp.exe impersonates so it can access ctel.mdb over the network.