IIS7 – post #56 – Remote uploaded content, static user and an Windows Integrated Authentication site.

I was answering a post in forums.iis.net ( http://forums.iis.net/t/1147184.aspx ) regarding a person who has anonymous access disabled.  People use Windows Integrated Authentication to access their site.  The one requirement was they wanted to allow people to upload files to a remote UNC share using a static user.  Here is one solution that could help resolve this type of issue.  This was tested with an IIS 7.0 website and a Windows Server 2003 backend file server.  I’m assuming the web and file server reside in an AD (active directory) domain.  You could also use an NULL session. I’m sure there is other solutions, if so please pass them along.


1) I created a domain user called UploadSample with some random password.


2) I created a folder on a remote server called UploadSample.  I shared the folder and granted the DomainUploadSample user modify permissions to the remote folder. + I also granted Administrators / SYSTEM full control.


3) In IIS Manager, I created a virtual directory called “UploadSample” mapped to the remote UNC path.  Since this is a static user, the anonymous login can be set and not protected using Windows Authentication.  This is the only vdir set to anonymous.  I set the anonymous user to a static domain account (DomainUploadSample).


4) Since you are using ASP, I downloaded http://www.freeaspupload.net/freeaspupload/download.asp  and extracted uploadtester.asp and freeASPUpload.asp to the Remote Share I created in step 2.  The upload program files are being hosted on the remote share.  I fixed the variable used by the program.  Here is the line you need to correct.  uploadsDirVar = “\DomainFileServerUploadSample“, this variable is in uploadTester.asp. 


5) I made sure the rest of the site required Windows Authentication.


6) I hit http://WebServerIPAddress/UploadSample/UploadTester.asp and tested uploading files with no issues.


A few other tricks I did, the UploadSample folder does not have a default document, so when someone goes to http://WebServerIPAddress/UploadSample/, they’ll get a 403 error since no default documents are set. You could even have some logic to redirect them else where.  In your application, you link directly to http://WebServerIPAddress/UploadSample/UploadTester.asp    For reference, the application pool was set to use Network Service.  Hope this is helpful, it was an interesting challenge.


 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s