1

I have web application that have to access local resources, files/folders, to be able to do git clone/pull/push. I've created a separate Application Pool with Process Identity == my own account (Administrator of machine).

But, if I do: 

Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)

The return value:

"C:\\Windows\\system32\\config\\systemprofile\\AppData\\Local"

so, it looks like system profile is still used. git clone and other git operations hangs up, seems like fail to find .ssh keys etc.

The interesting thing, that it worked fine before Windows SP1 update (at least I blame update, since nothing more changed on machine).

Alexander Beletsky
  • 19,453
  • 9
  • 63
  • 86

1 Answers1

1

If already not having it, try setting:

<identity impersonate="false"/>

in web.config

EDIT

I was wrong, you need to have your app pool identity with access to local folder here:

System.Security.Principal.WindowsIdentity.GetCurrent()

EDIT 2

I have found solution. To run application AS you, you need to turn on impersonation after all (app pool setting does not apply on my IIS7.5), but AS A SPECIFIC USER. So, to enable this, you need to turn impersonation on in web.config AND specify user:

    <identity impersonate="true" password="o1j2813n" userName="obrad" />

You can also set this through inetmgr: ASP.NET Impersonation Settings screenshot

Either way, after setting this, 

Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)

gives:

C:\Users\obrad\AppData\Local

Another update:

I have been searching for a way to do the same without putting my password in web.config, and can confirm that I get local user folder also when basic impersonation is on

    <identity impersonate="true"/>

But under condition that application connects (under app settings -> Connect as...) as me:

app settings screenshot

Goran Obradovic
  • 8,951
  • 9
  • 50
  • 79
  • Can you see what is current principal when not impersonating? It should be app pool identity... – Goran Obradovic Sep 24 '11 at 12:57
  • Well that is the problem, I just have to check what needs to be done for this to work under app pool identity. – Goran Obradovic Sep 24 '11 at 13:16
  • System.Security.Principal.WindowsIdentity.GetCurrent() {System.Security.Principal.WindowsIdentity} AuthenticationType: "NTLM" Groups: {System.Security.Principal.IdentityReferenceCollection} ImpersonationLevel: None IsAnonymous: false IsAuthenticated: true IsGuest: false IsSystem: false Name: "seekey-note\\alexander.beletsky" Owner: {S-1-5-32-544} Token: 1444 User: {S-1-5-21-3002142266-3819629678-4064189035-1000} – Alexander Beletsky Sep 24 '11 at 14:21
  • ImpersonationLevel: None - might it cause problem? – Alexander Beletsky Sep 24 '11 at 14:22
  • I don't think so, because impersonation is for currently logged in user, you don't need that, you want to run under APP POOL identity, that is unimpersonated. I'm without idea... – Goran Obradovic Sep 24 '11 at 15:39
  • I had found solution which works for me. Updated my answer now. – Goran Obradovic Sep 24 '11 at 21:52
  • Goran, thanks a lot! You right, it works.. I have yet another issue, but is separate one.. I thinks you've seen the one :) – Alexander Beletsky Sep 25 '11 at 07:56
  • hi Goran, if you have time, please look at this question http://stackoverflow.com/questions/7666423/iis-7-5-with-process-idenity-set-to-user-has-wrong-userprofile – Alexander Beletsky Oct 05 '11 at 19:24