No access to files in iis7 mvc app - server 2008 r2




I've just installed Windows Server 2008 R2 along with Visual Studio and Dropbox. I'm using it as a VM for development and Dropbox helps me keep my files in sync with other machines.

I've got my site set up in IIS but I'm getting an access denied error when trying to view the site. I've had this before and to get around it in the past I've gone through and added the IIS_User account to the list of permissions to read/modify the files. I assume because the files have been copied down with Dropbox the files don't have the necessary permissions. Here's the bugger, I can't batch update the files by modifying permissions on a folder, I'm having to do it right to the file level and even worse, one at a time! I can't have this.

I'm relatively new to 2008 R2 and IIS 7 so I have no idea what's happening here. Can someone explain what is going on and if there's an IIS/file permission setting I can update to resolve it at the top level folder?

I've tried adding anonymous permissions on the website in IIS and I've added permissions on the folder for IIS_User (even Everyone). I have an Administrator account and that's already set to allow me to read/write/modify the files.

This is typically the message I'm getting 'An error occurred loading a configuration file: Access to the path X is denied'.

This is happening on ascx & aspx files as well as config files.

Edits: The site is visible when debugging from Visual Studio. The site is operating in Full Trust (internal)

Please help, this is stopping me from working and driving me insane!

Tags: iis, windows-server-2008

asked Apr 25 '11 at 19:53 by lloydphillips, edited Apr 25 '11 at 20:30


2 Answers


By default in IIS 7, websites run as the local system's network account (NetworkService), not as IIS_User.

To verify, in IIS Manager, select the Site in question, click Basic Settings... and check the Application Pool it is assigned to. Then go into Application Pools and check the Identity for that Application Pool. Make sure that user listed is in the ACL.

Adding Everyone to the ACL should work instead, but just in case I would suggest you check the above. Also of course make sure when you set the ACL to check the box for resetting inheritance on all subfolders, if that is appropriate for your application.

You could also try setting the identity of the application pool to a local (or domain) user you have created which has access to your application directory.

Hope that helps.

answered Apr 25 '11 at 20:37 by pseudocoder

What's the ACL - sorry told you I was a noob :) – lloydphillips Apr 25 '11 at 21:21

I've set up a new AppPool for my website which has the Identity set to ApplicationPoolIdentity - not sure what to do from here. :s – lloydphillips Apr 25 '11 at 21:25

I've just added my username/password as a local user on the app pool and that has done the job. It's got me working at least but I wouldn't mind understanding if there is something more 'global' I can use in the future. Would setting it to NetworkService work? Why doesn't ApplicationPoolIdentity work? How do you reset the inheritance on the ACL - which I now know is Access Control List. – lloydphillips Apr 25 '11 at 21:28


Regarding whether other identities would work for your app pool, that depends entirely on whether those identities have permissions to all the files and/or databases and other resources your application needs to access. Right now you have the application running under your user account, which is generally not recommended. IIS has your password cached, and if you change it, your application will stop working until you update the application pool configuration.

As far as setting NTFS permissions, it can get tricky. Once you have disabled permissions inheritance, that file or folder will need to be updated individually every time you need a permission change. The flip side of this is that you cannot remove inherited entries on an ACL, you can only add to them. However you can design a strategy that offers a baseline level of permission at the root of a file structure, and then add permissions to subfolders/files.

In order to check & reset inheritance on a folder, go into its properties, security tab, click advanced, then click Edit. You can see whether this folder inherits permissions from its parent, and optionally wipe out all subfolder/file permissions and enable inheritance on all child folders & files.

Hope this helps.

answered Apr 26 '11 at 14:27 by pseudocoder
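
The checks described in the two answers above (which identity the application pool runs as, whether that identity is in the folder's ACL, and resetting inheritance on the children) can be scripted. The PowerShell below is an added example, not code from either answer; the site name `MySite` is a placeholder, and it assumes the IIS WebAdministration module is available and the prompt is elevated.

```powershell
# Added example, not from the original thread. 'MySite' is a placeholder site name.
Import-Module WebAdministration

$SiteName = 'MySite'

# 1. Site -> application pool and physical path (what "Basic Settings..." shows).
$site = Get-Item "IIS:\Sites\$SiteName"
$pool = $site.applicationPool
$root = [Environment]::ExpandEnvironmentVariables($site.physicalPath).TrimEnd('\')

# 2. Application pool -> the Windows account the worker process runs as.
$pm = Get-ItemProperty "IIS:\AppPools\$pool" -Name processModel
$account = switch ("$($pm.identityType)") {
    'ApplicationPoolIdentity' { "IIS AppPool\$pool" }            # virtual account named after the pool
    'NetworkService'          { 'NT AUTHORITY\NETWORK SERVICE' }
    'LocalService'            { 'NT AUTHORITY\LOCAL SERVICE' }
    'LocalSystem'             { 'NT AUTHORITY\SYSTEM' }
    'SpecificUser'            { $pm.userName }
}
if (-not $account) { throw "Unrecognised identity type: $($pm.identityType)" }
"Site '$SiteName' uses pool '$pool', which runs as '$account'"

# 3. Is that account in the ACL of the site root, and is the entry inherited?
#    No output here means the worker process has no entry of its own on the folder.
(Get-Acl $root).Access |
    Where-Object { $_.IdentityReference.Value -eq $account } |
    Format-Table IdentityReference, FileSystemRights, IsInherited, InheritanceFlags -AutoSize

# 4. Grant read & execute once at the root. (OI)(CI) marks the entry as inheritable
#    by files and subfolders, so it does not have to be repeated per file.
icacls $root /grant "${account}:(OI)(CI)RX"

# 5. Re-enable inheritance on everything below the root. /reset replaces each
#    child's ACL with the inherited one, so any explicit per-file entries are
#    discarded; /T recurses and /C continues past files that report errors.
icacls "$root\*" /reset /T /C
```

If the application writes to a folder such as an uploads directory, grant Modify on that folder only, after step 5, rather than widening the grant at the root or adding Everyone.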


