Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

(323293) - When you search against Index Server through an ASP.NET page, you may receive the following error message: Access is denied. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace...

Search KbAlertz

Advanced Search

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]











Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks
Article ID: 323293 - Last Review: July 5, 2006 - Revision: 3.1

FIX: "Access is denied" error message when you try to access indexing service from ASP.NET with impersonation enabled

Retired KB ArticleRetired KB Content Disclaimer
View products that this article applies to.
This article was previously published under Q323293

On This Page

SYMPTOMS

When you search against Index Server through an ASP.NET page, you may receive the following error message:
Access is denied. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.OleDb.OleDbException: Access is denied.
This behavior is observed only if you enable impersonation for the ASP.NET Web application and if the security context under which the ASP.NET worker process (Aspnet_wp.exe) runs is the ASPNET account.
Back to the top

RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910  (http://kbalertz.com/Feedback.aspx?kbNumber=260910/ ) How to obtain the latest Windows 2000 service pack
Back to the top

WORKAROUND

Use one of the following methods to work around this problem:
  • Disable impersonation for the whole ASP.NET Web application. This is the default setting.
  • Disable impersonation only for the particular .aspx page that does the Index Server search. To do this, add a <location> tag to the Web.config file as follows:
    <location path="filename.aspx">
<system.web>
   <identity impersonate="false" />
</system.web>
</location>
If these workarounds are not acceptable to you, you may change the security context under which the ASP.NET worker process runs to the SYSTEM account. However, Microsoft does not recommend that you set the security context of the ASP.NET worker process to the SYSTEM account because the SYSTEM account is a highly privileged Administrator account on the Web server computer. Use this workaround only if none of the other workarounds are acceptable to you.

To change the security context under which the ASP.NET worker process runs, set the userName attribute to SYSTEM, and then set the Password attribute to autogenerate in the <processModel> section of the Machine.config file. The Machine.config file is located in the C:\Windows Directory\Microsoft.Net\Framework\v1.0.3705\Config folder.
Back to the top

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section. This bug was corrected in ASP.NET (included with the .NET Framework) 1.1. Microsoft has confirmed that this is a problem in Microsoft Windows 2000. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.
Back to the top

MORE INFORMATION

Steps to Reproduce the Behavior

  1. Start Microsoft Visual Studio .NET.
  2. Create an ASP.NET Web application.
  3. Add the following code in the HTML of an .aspx page:
    <%@ Page language="c#" %>
<%
            System.Data.OleDb.OleDbConnection conn = new System.Data.OleDb.OleDbConnection("provider=msidxs;");

            conn.Open();

            string Sql = "Select DocTitle, vpath, characterization, rank from Scope(' DEEP TRAVERSAL OF \"C:\\\" ')  where FREETEXT(' \"ticket\" ') order by rank desc";

            System.Data.OleDb.OleDbDataAdapter da = new System.Data.OleDb.OleDbDataAdapter(Sql, conn);

            System.Data.DataSet ds = new System.Data.DataSet();

            da.Fill(ds, "SearchResults");
            Response.Write("Search Results: <br>");
            for (int i = 0; i < ds.Tables[0].Rows.Count; i++)

            {

                        Response.Write("<br>" + ds.Tables[0].Rows[i]["vpath"].ToString());

            }

%>
  4. Modify the Web.config file to enable impersonation as follows:
    <identity impersonate="true" />
  5. Make sure that the security context under which the Aspnet_wp.exe worker process runs is the ASPNET account. To do this, set the userName attribute to machine, and then set the Password attribute to autogenerate in the <processModel> section of the Machine.config file.

    Note By default, the ASP.NET worker process is set to run under the security context of the restricted ASPNET account.
  6. Start the Indexing Service on your computer.
  7. Build the application, and then open the .aspx page in your browser. Notice that you receive the error message that is listed in the "Symptoms" section.
Back to the top

REFERENCES

For more information about impersonation in ASP.NET, click the following article number to view the article in the Microsoft Knowledge Base:
306158  (http://kbalertz.com/Feedback.aspx?kbNumber=306158/ ) How to implement impersonation in an ASP.NET application
For more information about the ASP.NET worker process identity, click the following article number to view the article in the Microsoft Knowledge Base:
317012  (http://kbalertz.com/Feedback.aspx?kbNumber=317012/ ) Process and request identity in ASP.NET
Back to the top
APPLIES TO
  • Microsoft ASP.NET 1.0
  • Microsoft Index Server 2.0
  • Microsoft OLE DB Provider for Index Server 3.0
Back to the top
Keywords: 
kbhotfixserver kbqfe kbwin2ksp4fix kbother kbfix kbbug kbconfig kbnofix kbsecurity KB323293
Back to the top
Retired KB ArticleRetired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
Back to the top
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Franck Quintana - labilbe NOSPAM-AT-NOSPAM wanadoo.fr Report As Irrelevant  
Written: 12/18/2005 1:08 PM
Thank you very much for this usefull feedback, my program worked well under asp.net 1.1 but i had this error passing it under framework 2.0. Thank you very much again because i have lost lot of time searching the problem.



Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting