0

I've a shared folder (that stores attached documents to requests) on a server that had access for the Everyone group.

The Shared file is populated by users submitting a request with attachments added. I have to remove the everyone group from having access to the Shared folder. Since removing the Everyone access, users are unable to attach documents to requests as their access is denied to the folder.

Can I add the app pool identity to the Shared folder security group and then impersonate that from within the application? Any ideas how I can resolve this?

Thanks Paul

paulmcm
  • 93
  • 4
  • 14
  • 1
    Add the AppPoolIdentity to the Shared folder. No need to impersonate that, since code running in the application will already be running as the AppPoolIdentity already, unless you're using Windows Authentication with Kerberos passing the authentication through. In that case, you just need to add the users of the application to a group, and give that group the appropriate permissions to the folder... but none of this is really programming. It's admin. – Heretic Monkey Mar 23 '21 at 17:05
  • Thank you for the response, Share folder is now locked down and I can upload attachments via the web app. One more thing, the web page has a link to the uploaded document but when I try to view the document I am getting an access denied message. If the app pool ID has R/W access shouldn't I be able to view the uploaded document? – paulmcm Mar 25 '21 at 09:37

0 Answers0