wshell.run permission deniedThis is a discussion on wshell.run permission denied within the Inetserver forums in Microsoft Tools category; Pablo A. Allois wrote: > I am glad that is works. > > Saludos! > "P1" <p1 @ fhri.org> wrote in message > news:ZkXtk.7386$lU5.322 @ newsread1.mlpsca01.us.to.v erio.net... >> Pablo A. Allois wrote: >>> Did you check for an access denied on %comspec% ? >>> Are you sure, there is no access denied registred in the procmon ? >>> >>> Check the security eventlog for anu failed log. >>> >>> >>> Saludos! >>> >>> "P1" <p1 @ fhri.org> wrote in message >>> news:CXVtk.7385$lU5.2059 @ newsread1.mlpsca01.us.to. verio.net... >>>> Pablo A. Allois wrote: >>>>> Use ProcMon from SysInternals (now MS) and monitor the ... | ||||||||
| | ||||||||
| ||||||||
| Register | FAQ | Calendar | Search | Today's Posts | Mark Forums Read |
|
#21
09-03-2008, 07:19 PM
| |||
| |||
 Re: wshell.run permission denied Pablo A. Allois wrote: > I am glad that is works. > > Saludos! > "P1" <p1@fhri.org> wrote in message > news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >> Pablo A. Allois wrote: >>> Did you check for an access denied on %comspec% ? >>> Are you sure, there is no access denied registred in the procmon ? >>> >>> Check the security eventlog for anu failed log. >>> >>> >>> Saludos! >>> >>> "P1" <p1@fhri.org> wrote in message >>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>> Pablo A. Allois wrote: >>>>> Use ProcMon from SysInternals (now MS) and monitor the access to the >>>>> folder. >>>>> You will see an access denied, ProcMon will tell you what user is >>>>> having the Access Denied. >>>>> >>>>> >>>>> Please, take care, do not leave this application too much time on a >>>>> production server. >>>>> >>>>> >>>>> Saludos! >>>>> >>>>> "P1" <p1@fhri.org> wrote in message >>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>> Anthony Jones wrote: >>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>> Hey guys, >>>>>>>> I'm totally out of my league here, I don't even know how I got stuck >>>>>>>> with this problem, it's obviously a webmaster issue and I'm just a >>>>>>>> lowly >>>>>>>> net admin. >>>>>>>> >>>>>>>> The error: >>>>>>>> >>>>>>>> Starts here >>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>> Passed through >>>>>>>> Error detected: 70: Permission denied >>>>>>>> >>>>>>>> The script: >>>>>>>> >>>>>>>> <% >>>>>>>> response.Expires = 0 >>>>>>>> dim wshell, url, filename, memberid >>>>>>>> on error resume next >>>>>>>> Response.Write("Starts here<br/>") >>>>>>>> >>>>>>>> %> >>>>>>>> <pre> >>>>>>>> <%=now()%> >>>>>>>> >>>>>>>> </pre> >>>>>>>> <% >>>>>>>> >>>>>>>> memberid = Request("memberid") >>>>>>>> url = Request("url") >>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>> >>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 """& >>>>>>>> url >>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, TRUE >>>>>>>> set wshell = nothing >>>>>>>> >>>>>>>> Response.write "Passed through<br/>" >>>>>>>> >>>>>>>> if err.number <> 0 then >>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>> err.Description & "<br/>" >>>>>>>> on error goto 0 >>>>>>>> response.end >>>>>>>> end if >>>>>>>> on error goto 0 >>>>>>>> >>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>> >>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>> %> >>>>>>>> <pre> >>>>>>>> <%=now()%> >>>>>>>> >>>>>>>> </pre> >>>>>>>> >>>>>>>> IIS and permissions: >>>>>>>> The website has Scripts and Executables permissions. >>>>>>>> The folder containing the asp script and htmltools.exe have full >>>>>>>> NTFS >>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>> >>>>>>>> Some of the commands in the script I put in as part of suggestions >>>>>>>> found >>>>>>>> while researching this problem. >>>>>>>> >>>>>>>> I'm lost, please help?  >>>>>>> Comment out the on error resume next line. >>>>>>> >>>>>>> Then examine the line number in the error returned (make sure you >>>>>>> have Send >>>>>>> Detailed Error messages turned on). >>>>>>> >>>>>>> Also does the IUSR_ account have access to the c:\htmltools folder? >>>>>>> >>>>>>> Is the page accessed anonymously? >>>>>>> >>>>>>> >>>>>> Removing the line you suggested points to line 19, which starts with >>>>>> wshell.run >>>>>> >>>>>> Full error: >>>>>> >>>>>> Starts here >>>>>> 8/28/2008 5:55:09 PM >>>>>> Microsoft VBScript runtime error '800a0046' >>>>>> Permission denied >>>>>> /groupCalPDF.asp, line 19 >>>>>> >>>>>> Yes, the IUSR_ account has full access to the c:\htmltools folder, >>>>>> explicitly defined and propagated down to child objects. >>>>>> The page is accessed anonymously. >>>> I've been using this for the past couple of days, but I don't get any >>>> access denied entries except for a couple of registry checks, which I've >>>> now assigned permissions for and are no longer appearing. >>> >> I've been looking at that procmon output for days and didn't see it. >> However, once you pointed me at %comspec%, I gave the IUSR_ account >> permissions to c:\windows\system32\cmd.exe and that was the magic trick. >> Then I removed the permission again and fired up procmon again and it's >> right there black on white. I don't know how I could have missed it >> before, perhaps a filter or something. >> >> Thanks a lot man! > > Man... I am now officially totally confused. The error is back. I don't see any access denied entries in procmon. I even removed that permission on cmd.exe that fixed the problem before just so I could see the access denied in procmon but it's not showing! I don't have much hair left, but I'm pulling out whatever's left  |
|
#22
09-03-2008, 07:49 PM
| |||
| |||
| Re: wshell.run permission denied P1 wrote: > Pablo A. Allois wrote: >> I am glad that is works. >> >> Saludos! >> "P1" <p1@fhri.org> wrote in message >> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>> Pablo A. Allois wrote: >>>> Did you check for an access denied on %comspec% ? >>>> Are you sure, there is no access denied registred in the procmon ? >>>> >>>> Check the security eventlog for anu failed log. >>>> >>>> >>>> Saludos! >>>> >>>> "P1" <p1@fhri.org> wrote in message >>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>> Pablo A. Allois wrote: >>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to >>>>>> the folder. >>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>> having the Access Denied. >>>>>> >>>>>> >>>>>> Please, take care, do not leave this application too much time on >>>>>> a production server. >>>>>> >>>>>> >>>>>> Saludos! >>>>>> >>>>>> "P1" <p1@fhri.org> wrote in message >>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>> Anthony Jones wrote: >>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>> Hey guys, >>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>> stuck >>>>>>>>> with this problem, it's obviously a webmaster issue and I'm >>>>>>>>> just a lowly >>>>>>>>> net admin. >>>>>>>>> >>>>>>>>> The error: >>>>>>>>> >>>>>>>>> Starts here >>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>> Passed through >>>>>>>>> Error detected: 70: Permission denied >>>>>>>>> >>>>>>>>> The script: >>>>>>>>> >>>>>>>>> <% >>>>>>>>> response.Expires = 0 >>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>> on error resume next >>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>> >>>>>>>>> %> >>>>>>>>> <pre> >>>>>>>>> <%=now()%> >>>>>>>>> >>>>>>>>> </pre> >>>>>>>>> <% >>>>>>>>> >>>>>>>>> memberid = Request("memberid") >>>>>>>>> url = Request("url") >>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>> >>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>> """& url >>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>> TRUE >>>>>>>>> set wshell = nothing >>>>>>>>> >>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>> >>>>>>>>> if err.number <> 0 then >>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>> err.Description & "<br/>" >>>>>>>>> on error goto 0 >>>>>>>>> response.end >>>>>>>>> end if >>>>>>>>> on error goto 0 >>>>>>>>> >>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>> >>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>> %> >>>>>>>>> <pre> >>>>>>>>> <%=now()%> >>>>>>>>> >>>>>>>>> </pre> >>>>>>>>> >>>>>>>>> IIS and permissions: >>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>> The folder containing the asp script and htmltools.exe have >>>>>>>>> full NTFS >>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>> >>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>> suggestions found >>>>>>>>> while researching this problem. >>>>>>>>> >>>>>>>>> I'm lost, please help? >>>>>>>> Comment out the on error resume next line. >>>>>>>> >>>>>>>> Then examine the line number in the error returned (make sure >>>>>>>> you have Send >>>>>>>> Detailed Error messages turned on). >>>>>>>> >>>>>>>> Also does the IUSR_ account have access to the c:\htmltools folder? >>>>>>>> >>>>>>>> Is the page accessed anonymously? >>>>>>>> >>>>>>>> >>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>> with wshell.run >>>>>>> >>>>>>> Full error: >>>>>>> >>>>>>> Starts here >>>>>>> 8/28/2008 5:55:09 PM >>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>> Permission denied >>>>>>> /groupCalPDF.asp, line 19 >>>>>>> >>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools >>>>>>> folder, explicitly defined and propagated down to child objects. >>>>>>> The page is accessed anonymously. >>>>> I've been using this for the past couple of days, but I don't get >>>>> any access denied entries except for a couple of registry checks, >>>>> which I've now assigned permissions for and are no longer appearing. >>>> >>> I've been looking at that procmon output for days and didn't see it. >>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>> permissions to c:\windows\system32\cmd.exe and that was the magic trick. >>> Then I removed the permission again and fired up procmon again and >>> it's right there black on white. I don't know how I could have >>> missed it before, perhaps a filter or something. >>> >>> Thanks a lot man! >> >> > > Man... I am now officially totally confused. > The error is back. I don't see any access denied entries in procmon. I > even removed that permission on cmd.exe that fixed the problem before > just so I could see the access denied in procmon but it's not showing! > I don't have much hair left, but I'm pulling out whatever's left Excluding SUCCESS results, the only mentions of anything remotely related to this issue are a few BUFFER OVERFLOW lines with Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp Operation: QueryInformationVolume QueryAllInformationFile QuerySecurityFile |
|
#23
09-03-2008, 07:49 PM
| |||
| |||
| Re: wshell.run permission denied P1 wrote: > Pablo A. Allois wrote: >> I am glad that is works. >> >> Saludos! >> "P1" <p1@fhri.org> wrote in message >> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>> Pablo A. Allois wrote: >>>> Did you check for an access denied on %comspec% ? >>>> Are you sure, there is no access denied registred in the procmon ? >>>> >>>> Check the security eventlog for anu failed log. >>>> >>>> >>>> Saludos! >>>> >>>> "P1" <p1@fhri.org> wrote in message >>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>> Pablo A. Allois wrote: >>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to >>>>>> the folder. >>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>> having the Access Denied. >>>>>> >>>>>> >>>>>> Please, take care, do not leave this application too much time on >>>>>> a production server. >>>>>> >>>>>> >>>>>> Saludos! >>>>>> >>>>>> "P1" <p1@fhri.org> wrote in message >>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>> Anthony Jones wrote: >>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>> Hey guys, >>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>> stuck >>>>>>>>> with this problem, it's obviously a webmaster issue and I'm >>>>>>>>> just a lowly >>>>>>>>> net admin. >>>>>>>>> >>>>>>>>> The error: >>>>>>>>> >>>>>>>>> Starts here >>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>> Passed through >>>>>>>>> Error detected: 70: Permission denied >>>>>>>>> >>>>>>>>> The script: >>>>>>>>> >>>>>>>>> <% >>>>>>>>> response.Expires = 0 >>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>> on error resume next >>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>> >>>>>>>>> %> >>>>>>>>> <pre> >>>>>>>>> <%=now()%> >>>>>>>>> >>>>>>>>> </pre> >>>>>>>>> <% >>>>>>>>> >>>>>>>>> memberid = Request("memberid") >>>>>>>>> url = Request("url") >>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>> >>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>> """& url >>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>> TRUE >>>>>>>>> set wshell = nothing >>>>>>>>> >>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>> >>>>>>>>> if err.number <> 0 then >>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>> err.Description & "<br/>" >>>>>>>>> on error goto 0 >>>>>>>>> response.end >>>>>>>>> end if >>>>>>>>> on error goto 0 >>>>>>>>> >>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>> >>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>> %> >>>>>>>>> <pre> >>>>>>>>> <%=now()%> >>>>>>>>> >>>>>>>>> </pre> >>>>>>>>> >>>>>>>>> IIS and permissions: >>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>> The folder containing the asp script and htmltools.exe have >>>>>>>>> full NTFS >>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>> >>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>> suggestions found >>>>>>>>> while researching this problem. >>>>>>>>> >>>>>>>>> I'm lost, please help? >>>>>>>> Comment out the on error resume next line. >>>>>>>> >>>>>>>> Then examine the line number in the error returned (make sure >>>>>>>> you have Send >>>>>>>> Detailed Error messages turned on). >>>>>>>> >>>>>>>> Also does the IUSR_ account have access to the c:\htmltools folder? >>>>>>>> >>>>>>>> Is the page accessed anonymously? >>>>>>>> >>>>>>>> >>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>> with wshell.run >>>>>>> >>>>>>> Full error: >>>>>>> >>>>>>> Starts here >>>>>>> 8/28/2008 5:55:09 PM >>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>> Permission denied >>>>>>> /groupCalPDF.asp, line 19 >>>>>>> >>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools >>>>>>> folder, explicitly defined and propagated down to child objects. >>>>>>> The page is accessed anonymously. >>>>> I've been using this for the past couple of days, but I don't get >>>>> any access denied entries except for a couple of registry checks, >>>>> which I've now assigned permissions for and are no longer appearing. >>>> >>> I've been looking at that procmon output for days and didn't see it. >>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>> permissions to c:\windows\system32\cmd.exe and that was the magic trick. >>> Then I removed the permission again and fired up procmon again and >>> it's right there black on white. I don't know how I could have >>> missed it before, perhaps a filter or something. >>> >>> Thanks a lot man! >> >> > > Man... I am now officially totally confused. > The error is back. I don't see any access denied entries in procmon. I > even removed that permission on cmd.exe that fixed the problem before > just so I could see the access denied in procmon but it's not showing! > I don't have much hair left, but I'm pulling out whatever's left Excluding SUCCESS results, the only mentions of anything remotely related to this issue are a few BUFFER OVERFLOW lines with Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp Operation: QueryInformationVolume QueryAllInformationFile QuerySecurityFile |
|
#24
09-09-2008, 11:09 AM
| |||
| |||
| Re: wshell.run permission denied Do you remove the permission on %comspec% ? Dont exclude sucess. Monitor every access to any disk and folder, and use the Search button to find "DENIED" . May be, you need some permision of listing in some folders. Tell me how it works. Saludos! "P1" <p1@fhri.org> wrote in message news:woFvk.7452$lU5.1175@newsread1.mlpsca01.us.to. verio.net... > P1 wrote: >> Pablo A. Allois wrote: >>> I am glad that is works. >>> >>> Saludos! >>> "P1" <p1@fhri.org> wrote in message >>> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>>> Pablo A. Allois wrote: >>>>> Did you check for an access denied on %comspec% ? >>>>> Are you sure, there is no access denied registred in the procmon ? >>>>> >>>>> Check the security eventlog for anu failed log. >>>>> >>>>> >>>>> Saludos! >>>>> >>>>> "P1" <p1@fhri.org> wrote in message >>>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>>> Pablo A. Allois wrote: >>>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to the >>>>>>> folder. >>>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>>> having the Access Denied. >>>>>>> >>>>>>> >>>>>>> Please, take care, do not leave this application too much time on a >>>>>>> production server. >>>>>>> >>>>>>> >>>>>>> Saludos! >>>>>>> >>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>>> Anthony Jones wrote: >>>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>>> Hey guys, >>>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>>> stuck >>>>>>>>>> with this problem, it's obviously a webmaster issue and I'm just >>>>>>>>>> a lowly >>>>>>>>>> net admin. >>>>>>>>>> >>>>>>>>>> The error: >>>>>>>>>> >>>>>>>>>> Starts here >>>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>>> Passed through >>>>>>>>>> Error detected: 70: Permission denied >>>>>>>>>> >>>>>>>>>> The script: >>>>>>>>>> >>>>>>>>>> <% >>>>>>>>>> response.Expires = 0 >>>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>>> on error resume next >>>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>>> >>>>>>>>>> %> >>>>>>>>>> <pre> >>>>>>>>>> <%=now()%> >>>>>>>>>> >>>>>>>>>> </pre> >>>>>>>>>> <% >>>>>>>>>> >>>>>>>>>> memberid = Request("memberid") >>>>>>>>>> url = Request("url") >>>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>>> >>>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>>> """& url >>>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>>> TRUE >>>>>>>>>> set wshell = nothing >>>>>>>>>> >>>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>>> >>>>>>>>>> if err.number <> 0 then >>>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>>> err.Description & "<br/>" >>>>>>>>>> on error goto 0 >>>>>>>>>> response.end >>>>>>>>>> end if >>>>>>>>>> on error goto 0 >>>>>>>>>> >>>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>>> >>>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>>> %> >>>>>>>>>> <pre> >>>>>>>>>> <%=now()%> >>>>>>>>>> >>>>>>>>>> </pre> >>>>>>>>>> >>>>>>>>>> IIS and permissions: >>>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>>> The folder containing the asp script and htmltools.exe have full >>>>>>>>>> NTFS >>>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>>> >>>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>>> suggestions found >>>>>>>>>> while researching this problem. >>>>>>>>>> >>>>>>>>>> I'm lost, please help? >>>>>>>>> Comment out the on error resume next line. >>>>>>>>> >>>>>>>>> Then examine the line number in the error returned (make sure you >>>>>>>>> have Send >>>>>>>>> Detailed Error messages turned on). >>>>>>>>> >>>>>>>>> Also does the IUSR_ account have access to the c:\htmltools >>>>>>>>> folder? >>>>>>>>> >>>>>>>>> Is the page accessed anonymously? >>>>>>>>> >>>>>>>>> >>>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>>> with wshell.run >>>>>>>> >>>>>>>> Full error: >>>>>>>> >>>>>>>> Starts here >>>>>>>> 8/28/2008 5:55:09 PM >>>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>>> Permission denied >>>>>>>> /groupCalPDF.asp, line 19 >>>>>>>> >>>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools folder, >>>>>>>> explicitly defined and propagated down to child objects. >>>>>>>> The page is accessed anonymously. >>>>>> I've been using this for the past couple of days, but I don't get any >>>>>> access denied entries except for a couple of registry checks, which >>>>>> I've now assigned permissions for and are no longer appearing. >>>>> >>>> I've been looking at that procmon output for days and didn't see it. >>>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>>> permissions to c:\windows\system32\cmd.exe and that was the magic >>>> trick. >>>> Then I removed the permission again and fired up procmon again and it's >>>> right there black on white. I don't know how I could have missed it >>>> before, perhaps a filter or something. >>>> >>>> Thanks a lot man! >>> >>> >> >> Man... I am now officially totally confused. >> The error is back. I don't see any access denied entries in procmon. I >> even removed that permission on cmd.exe that fixed the problem before >> just so I could see the access denied in procmon but it's not showing! >> I don't have much hair left, but I'm pulling out whatever's left > > Excluding SUCCESS results, the only mentions of anything remotely related > to this issue are a few BUFFER OVERFLOW lines with > Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp > Operation: QueryInformationVolume > QueryAllInformationFile > QuerySecurityFile |
|
#25
09-09-2008, 11:09 AM
| |||
| |||
| Re: wshell.run permission denied Do you remove the permission on %comspec% ? Dont exclude sucess. Monitor every access to any disk and folder, and use the Search button to find "DENIED" . May be, you need some permision of listing in some folders. Tell me how it works. Saludos! "P1" <p1@fhri.org> wrote in message news:woFvk.7452$lU5.1175@newsread1.mlpsca01.us.to. verio.net... > P1 wrote: >> Pablo A. Allois wrote: >>> I am glad that is works. >>> >>> Saludos! >>> "P1" <p1@fhri.org> wrote in message >>> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>>> Pablo A. Allois wrote: >>>>> Did you check for an access denied on %comspec% ? >>>>> Are you sure, there is no access denied registred in the procmon ? >>>>> >>>>> Check the security eventlog for anu failed log. >>>>> >>>>> >>>>> Saludos! >>>>> >>>>> "P1" <p1@fhri.org> wrote in message >>>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>>> Pablo A. Allois wrote: >>>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to the >>>>>>> folder. >>>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>>> having the Access Denied. >>>>>>> >>>>>>> >>>>>>> Please, take care, do not leave this application too much time on a >>>>>>> production server. >>>>>>> >>>>>>> >>>>>>> Saludos! >>>>>>> >>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>>> Anthony Jones wrote: >>>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>>> Hey guys, >>>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>>> stuck >>>>>>>>>> with this problem, it's obviously a webmaster issue and I'm just >>>>>>>>>> a lowly >>>>>>>>>> net admin. >>>>>>>>>> >>>>>>>>>> The error: >>>>>>>>>> >>>>>>>>>> Starts here >>>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>>> Passed through >>>>>>>>>> Error detected: 70: Permission denied >>>>>>>>>> >>>>>>>>>> The script: >>>>>>>>>> >>>>>>>>>> <% >>>>>>>>>> response.Expires = 0 >>>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>>> on error resume next >>>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>>> >>>>>>>>>> %> >>>>>>>>>> <pre> >>>>>>>>>> <%=now()%> >>>>>>>>>> >>>>>>>>>> </pre> >>>>>>>>>> <% >>>>>>>>>> >>>>>>>>>> memberid = Request("memberid") >>>>>>>>>> url = Request("url") >>>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>>> >>>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>>> """& url >>>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>>> TRUE >>>>>>>>>> set wshell = nothing >>>>>>>>>> >>>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>>> >>>>>>>>>> if err.number <> 0 then >>>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>>> err.Description & "<br/>" >>>>>>>>>> on error goto 0 >>>>>>>>>> response.end >>>>>>>>>> end if >>>>>>>>>> on error goto 0 >>>>>>>>>> >>>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>>> >>>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>>> %> >>>>>>>>>> <pre> >>>>>>>>>> <%=now()%> >>>>>>>>>> >>>>>>>>>> </pre> >>>>>>>>>> >>>>>>>>>> IIS and permissions: >>>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>>> The folder containing the asp script and htmltools.exe have full >>>>>>>>>> NTFS >>>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>>> >>>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>>> suggestions found >>>>>>>>>> while researching this problem. >>>>>>>>>> >>>>>>>>>> I'm lost, please help? >>>>>>>>> Comment out the on error resume next line. >>>>>>>>> >>>>>>>>> Then examine the line number in the error returned (make sure you >>>>>>>>> have Send >>>>>>>>> Detailed Error messages turned on). >>>>>>>>> >>>>>>>>> Also does the IUSR_ account have access to the c:\htmltools >>>>>>>>> folder? >>>>>>>>> >>>>>>>>> Is the page accessed anonymously? >>>>>>>>> >>>>>>>>> >>>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>>> with wshell.run >>>>>>>> >>>>>>>> Full error: >>>>>>>> >>>>>>>> Starts here >>>>>>>> 8/28/2008 5:55:09 PM >>>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>>> Permission denied >>>>>>>> /groupCalPDF.asp, line 19 >>>>>>>> >>>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools folder, >>>>>>>> explicitly defined and propagated down to child objects. >>>>>>>> The page is accessed anonymously. >>>>>> I've been using this for the past couple of days, but I don't get any >>>>>> access denied entries except for a couple of registry checks, which >>>>>> I've now assigned permissions for and are no longer appearing. >>>>> >>>> I've been looking at that procmon output for days and didn't see it. >>>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>>> permissions to c:\windows\system32\cmd.exe and that was the magic >>>> trick. >>>> Then I removed the permission again and fired up procmon again and it's >>>> right there black on white. I don't know how I could have missed it >>>> before, perhaps a filter or something. >>>> >>>> Thanks a lot man! >>> >>> >> >> Man... I am now officially totally confused. >> The error is back. I don't see any access denied entries in procmon. I >> even removed that permission on cmd.exe that fixed the problem before >> just so I could see the access denied in procmon but it's not showing! >> I don't have much hair left, but I'm pulling out whatever's left > > Excluding SUCCESS results, the only mentions of anything remotely related > to this issue are a few BUFFER OVERFLOW lines with > Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp > Operation: QueryInformationVolume > QueryAllInformationFile > QuerySecurityFile |
|
#26
09-09-2008, 02:28 PM
| |||
| |||
| Re: wshell.run permission denied Pablo A. Allois wrote: > Do you remove the permission on %comspec% ? > > Dont exclude sucess. Monitor every access to any disk and folder, and use > the Search button to find "DENIED" . > May be, you need some permision of listing in some folders. > > > Tell me how it works. > > > Saludos! > > "P1" <p1@fhri.org> wrote in message > news:woFvk.7452$lU5.1175@newsread1.mlpsca01.us.to. verio.net... >> P1 wrote: >>> Pablo A. Allois wrote: >>>> I am glad that is works. >>>> >>>> Saludos! >>>> "P1" <p1@fhri.org> wrote in message >>>> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>>>> Pablo A. Allois wrote: >>>>>> Did you check for an access denied on %comspec% ? >>>>>> Are you sure, there is no access denied registred in the procmon ? >>>>>> >>>>>> Check the security eventlog for anu failed log. >>>>>> >>>>>> >>>>>> Saludos! >>>>>> >>>>>> "P1" <p1@fhri.org> wrote in message >>>>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>>>> Pablo A. Allois wrote: >>>>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to the >>>>>>>> folder. >>>>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>>>> having the Access Denied. >>>>>>>> >>>>>>>> >>>>>>>> Please, take care, do not leave this application too much time on a >>>>>>>> production server. >>>>>>>> >>>>>>>> >>>>>>>> Saludos! >>>>>>>> >>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>>>> Anthony Jones wrote: >>>>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>>>> Hey guys, >>>>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>>>> stuck >>>>>>>>>>> with this problem, it's obviously a webmaster issue and I'm just >>>>>>>>>>> a lowly >>>>>>>>>>> net admin. >>>>>>>>>>> >>>>>>>>>>> The error: >>>>>>>>>>> >>>>>>>>>>> Starts here >>>>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>>>> Passed through >>>>>>>>>>> Error detected: 70: Permission denied >>>>>>>>>>> >>>>>>>>>>> The script: >>>>>>>>>>> >>>>>>>>>>> <% >>>>>>>>>>> response.Expires = 0 >>>>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>>>> on error resume next >>>>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>>>> >>>>>>>>>>> %> >>>>>>>>>>> <pre> >>>>>>>>>>> <%=now()%> >>>>>>>>>>> >>>>>>>>>>> </pre> >>>>>>>>>>> <% >>>>>>>>>>> >>>>>>>>>>> memberid = Request("memberid") >>>>>>>>>>> url = Request("url") >>>>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>>>> >>>>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>>>> """& url >>>>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>>>> TRUE >>>>>>>>>>> set wshell = nothing >>>>>>>>>>> >>>>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>>>> >>>>>>>>>>> if err.number <> 0 then >>>>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>>>> err.Description & "<br/>" >>>>>>>>>>> on error goto 0 >>>>>>>>>>> response.end >>>>>>>>>>> end if >>>>>>>>>>> on error goto 0 >>>>>>>>>>> >>>>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>>>> >>>>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>>>> %> >>>>>>>>>>> <pre> >>>>>>>>>>> <%=now()%> >>>>>>>>>>> >>>>>>>>>>> </pre> >>>>>>>>>>> >>>>>>>>>>> IIS and permissions: >>>>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>>>> The folder containing the asp script and htmltools.exe have full >>>>>>>>>>> NTFS >>>>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>>>> >>>>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>>>> suggestions found >>>>>>>>>>> while researching this problem. >>>>>>>>>>> >>>>>>>>>>> I'm lost, please help? >>>>>>>>>> Comment out the on error resume next line. >>>>>>>>>> >>>>>>>>>> Then examine the line number in the error returned (make sure you >>>>>>>>>> have Send >>>>>>>>>> Detailed Error messages turned on). >>>>>>>>>> >>>>>>>>>> Also does the IUSR_ account have access to the c:\htmltools >>>>>>>>>> folder? >>>>>>>>>> >>>>>>>>>> Is the page accessed anonymously? >>>>>>>>>> >>>>>>>>>> >>>>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>>>> with wshell.run >>>>>>>>> >>>>>>>>> Full error: >>>>>>>>> >>>>>>>>> Starts here >>>>>>>>> 8/28/2008 5:55:09 PM >>>>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>>>> Permission denied >>>>>>>>> /groupCalPDF.asp, line 19 >>>>>>>>> >>>>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools folder, >>>>>>>>> explicitly defined and propagated down to child objects. >>>>>>>>> The page is accessed anonymously. >>>>>>> I've been using this for the past couple of days, but I don't get any >>>>>>> access denied entries except for a couple of registry checks, which >>>>>>> I've now assigned permissions for and are no longer appearing. >>>>> I've been looking at that procmon output for days and didn't see it. >>>>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>>>> permissions to c:\windows\system32\cmd.exe and that was the magic >>>>> trick. >>>>> Then I removed the permission again and fired up procmon again and it's >>>>> right there black on white. I don't know how I could have missed it >>>>> before, perhaps a filter or something. >>>>> >>>>> Thanks a lot man! >>>> >>> Man... I am now officially totally confused. >>> The error is back. I don't see any access denied entries in procmon. I >>> even removed that permission on cmd.exe that fixed the problem before >>> just so I could see the access denied in procmon but it's not showing! >>> I don't have much hair left, but I'm pulling out whatever's left >> Excluding SUCCESS results, the only mentions of anything remotely related >> to this issue are a few BUFFER OVERFLOW lines with >> Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp >> Operation: QueryInformationVolume >> QueryAllInformationFile >> QuerySecurityFile > > Yes, I removed permission to %comspec% (c:\windows\system32\cmd.exe) for IUSR_. I'm looking through the full procmon listing, including all events and I'm finding no "denied" strings anywhere by doing a search. There is even a QueryOpen line for process w3wp.exe to path c:\windows\system32\cmd.exe and result of SUCCESS. I checked to make sure that IUSR_ wasn't a member of any privileged group and it's not, only Guests. |
|
#27
09-09-2008, 02:28 PM
| |||
| |||
| Re: wshell.run permission denied Pablo A. Allois wrote: > Do you remove the permission on %comspec% ? > > Dont exclude sucess. Monitor every access to any disk and folder, and use > the Search button to find "DENIED" . > May be, you need some permision of listing in some folders. > > > Tell me how it works. > > > Saludos! > > "P1" <p1@fhri.org> wrote in message > news:woFvk.7452$lU5.1175@newsread1.mlpsca01.us.to. verio.net... >> P1 wrote: >>> Pablo A. Allois wrote: >>>> I am glad that is works. >>>> >>>> Saludos! >>>> "P1" <p1@fhri.org> wrote in message >>>> news:ZkXtk.7386$lU5.322@newsread1.mlpsca01.us.to.v erio.net... >>>>> Pablo A. Allois wrote: >>>>>> Did you check for an access denied on %comspec% ? >>>>>> Are you sure, there is no access denied registred in the procmon ? >>>>>> >>>>>> Check the security eventlog for anu failed log. >>>>>> >>>>>> >>>>>> Saludos! >>>>>> >>>>>> "P1" <p1@fhri.org> wrote in message >>>>>> news:CXVtk.7385$lU5.2059@newsread1.mlpsca01.us.to. verio.net... >>>>>>> Pablo A. Allois wrote: >>>>>>>> Use ProcMon from SysInternals (now MS) and monitor the access to the >>>>>>>> folder. >>>>>>>> You will see an access denied, ProcMon will tell you what user is >>>>>>>> having the Access Denied. >>>>>>>> >>>>>>>> >>>>>>>> Please, take care, do not leave this application too much time on a >>>>>>>> production server. >>>>>>>> >>>>>>>> >>>>>>>> Saludos! >>>>>>>> >>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>> news:l8Gtk.7358$lU5.4742@newsread1.mlpsca01.us.to. verio.net... >>>>>>>>> Anthony Jones wrote: >>>>>>>>>> "P1" <p1@fhri.org> wrote in message >>>>>>>>>> news:TGCtk.7351$lU5.226@newsread1.mlpsca01.us.to.v erio.net... >>>>>>>>>>> Hey guys, >>>>>>>>>>> I'm totally out of my league here, I don't even know how I got >>>>>>>>>>> stuck >>>>>>>>>>> with this problem, it's obviously a webmaster issue and I'm just >>>>>>>>>>> a lowly >>>>>>>>>>> net admin. >>>>>>>>>>> >>>>>>>>>>> The error: >>>>>>>>>>> >>>>>>>>>>> Starts here >>>>>>>>>>> 8/28/2008 1:39:17 PM >>>>>>>>>>> Passed through >>>>>>>>>>> Error detected: 70: Permission denied >>>>>>>>>>> >>>>>>>>>>> The script: >>>>>>>>>>> >>>>>>>>>>> <% >>>>>>>>>>> response.Expires = 0 >>>>>>>>>>> dim wshell, url, filename, memberid >>>>>>>>>>> on error resume next >>>>>>>>>>> Response.Write("Starts here<br/>") >>>>>>>>>>> >>>>>>>>>>> %> >>>>>>>>>>> <pre> >>>>>>>>>>> <%=now()%> >>>>>>>>>>> >>>>>>>>>>> </pre> >>>>>>>>>>> <% >>>>>>>>>>> >>>>>>>>>>> memberid = Request("memberid") >>>>>>>>>>> url = Request("url") >>>>>>>>>>> filename = "cal"& memberid &".pdf" >>>>>>>>>>> >>>>>>>>>>> set wshell = CreateObject("WScript.Shell") >>>>>>>>>>> wshell.run "%comspec% /c c:\htmltools\htmltools.exe -append 0 >>>>>>>>>>> """& url >>>>>>>>>>> &""" ""c:\PDFTemp\" & filename &""" >c:\htmltools\log.txt", 0, >>>>>>>>>>> TRUE >>>>>>>>>>> set wshell = nothing >>>>>>>>>>> >>>>>>>>>>> Response.write "Passed through<br/>" >>>>>>>>>>> >>>>>>>>>>> if err.number <> 0 then >>>>>>>>>>> response.write "Error detected: " & err.number & ": " & >>>>>>>>>>> err.Description & "<br/>" >>>>>>>>>>> on error goto 0 >>>>>>>>>>> response.end >>>>>>>>>>> end if >>>>>>>>>>> on error goto 0 >>>>>>>>>>> >>>>>>>>>>> Response.write "Run sucessfully<br/>" >>>>>>>>>>> >>>>>>>>>>> Response.Redirect("http://calpdf.domain.com/PDFTemp/" & filename) >>>>>>>>>>> %> >>>>>>>>>>> <pre> >>>>>>>>>>> <%=now()%> >>>>>>>>>>> >>>>>>>>>>> </pre> >>>>>>>>>>> >>>>>>>>>>> IIS and permissions: >>>>>>>>>>> The website has Scripts and Executables permissions. >>>>>>>>>>> The folder containing the asp script and htmltools.exe have full >>>>>>>>>>> NTFS >>>>>>>>>>> permissions for IIS_WPG, IUSR_, IWAM_. >>>>>>>>>>> >>>>>>>>>>> Some of the commands in the script I put in as part of >>>>>>>>>>> suggestions found >>>>>>>>>>> while researching this problem. >>>>>>>>>>> >>>>>>>>>>> I'm lost, please help? >>>>>>>>>> Comment out the on error resume next line. >>>>>>>>>> >>>>>>>>>> Then examine the line number in the error returned (make sure you >>>>>>>>>> have Send >>>>>>>>>> Detailed Error messages turned on). >>>>>>>>>> >>>>>>>>>> Also does the IUSR_ account have access to the c:\htmltools >>>>>>>>>> folder? >>>>>>>>>> >>>>>>>>>> Is the page accessed anonymously? >>>>>>>>>> >>>>>>>>>> >>>>>>>>> Removing the line you suggested points to line 19, which starts >>>>>>>>> with wshell.run >>>>>>>>> >>>>>>>>> Full error: >>>>>>>>> >>>>>>>>> Starts here >>>>>>>>> 8/28/2008 5:55:09 PM >>>>>>>>> Microsoft VBScript runtime error '800a0046' >>>>>>>>> Permission denied >>>>>>>>> /groupCalPDF.asp, line 19 >>>>>>>>> >>>>>>>>> Yes, the IUSR_ account has full access to the c:\htmltools folder, >>>>>>>>> explicitly defined and propagated down to child objects. >>>>>>>>> The page is accessed anonymously. >>>>>>> I've been using this for the past couple of days, but I don't get any >>>>>>> access denied entries except for a couple of registry checks, which >>>>>>> I've now assigned permissions for and are no longer appearing. >>>>> I've been looking at that procmon output for days and didn't see it. >>>>> However, once you pointed me at %comspec%, I gave the IUSR_ account >>>>> permissions to c:\windows\system32\cmd.exe and that was the magic >>>>> trick. >>>>> Then I removed the permission again and fired up procmon again and it's >>>>> right there black on white. I don't know how I could have missed it >>>>> before, perhaps a filter or something. >>>>> >>>>> Thanks a lot man! >>>> >>> Man... I am now officially totally confused. >>> The error is back. I don't see any access denied entries in procmon. I >>> even removed that permission on cmd.exe that fixed the problem before >>> just so I could see the access denied in procmon but it's not showing! >>> I don't have much hair left, but I'm pulling out whatever's left >> Excluding SUCCESS results, the only mentions of anything remotely related >> to this issue are a few BUFFER OVERFLOW lines with >> Path: c:\inetpub\websites\GroupCalPDF\groupCalPDF.asp >> Operation: QueryInformationVolume >> QueryAllInformationFile >> QuerySecurityFile > > Yes, I removed permission to %comspec% (c:\windows\system32\cmd.exe) for IUSR_. I'm looking through the full procmon listing, including all events and I'm finding no "denied" strings anywhere by doing a search. There is even a QueryOpen line for process w3wp.exe to path c:\windows\system32\cmd.exe and result of SUCCESS. I checked to make sure that IUSR_ wasn't a member of any privileged group and it's not, only Guests. |
 |
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
All times are GMT -5. The time now is 04:51 PM.
