authorization: application pool identity cannot access path
Best guess:
The application pool seems to be having difficulty reading a web.config file in the directory or one of its subfolders. NTFS permissions probably prevent it from doing so.
The app pool starts up as the Application Pool Identity configured in App Pool Properties. This account needs to be able to enumerate all folders within the website, to read the web.config files that live there.
IIS 7.x stores its configuration in web.config files - if any subfolder bars access to the App Pool account, you're going to have difficulties.
I think the second part of the message indicates that the current App Pool identity doesn't have read access to the folder it's naming there.
If you grant - for example - Everyone: Read to that folder it's referring to, if the error comes back, it'll probably name a different folder.
You can allow IIS_IUSRS Read access to all your website folders, but that's a fairly broad solution; what you really need to do is allow your App Pool account Read access to the entire contents of the website (and subfolders). (and only Read (never Modify or Write) unless you're a very special case (assume you're not))
Alternatively, you can set the allowSubdirConfig property at the site level to prevent searching lower-level subfolders for web.config files: http://msdn.microsoft.com/en-us/library/ms689463.aspx
Related videos on Youtube
02 : 31
17 : 45
11 : 13
02 : 32
01 : 34
CJM
Updated on September 18, 2022Comments
-
CJM over 1 year
I have two very similar ASP Classic apps that both use Windows Authentication and run on the same development PC (Windows 7/IIS 7.5).
They've been around for years, and have 'travelled' with me as I've upgraded PCs through the years. One works fine, but the other doesn't - I can't say for sure whether it has ever worked on this particular PC, since it has been a while since I've had to work on it, but I think it has been working in the recent past.
My problem is that when I browse the site, I get the following error:
HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid Cannot read configuration file due to insufficient permissionsThe curious thing is that it claims to have insufficient privileges to access web.config - but there is no web.config!
In the application settings, if we test the connection, an error is reported:
Authorization: Application pool identity cannot access pathAs far as I can tell, both applications are configured identically:
- Both use the same Application Pool
- The identity of the pool (a domain user) has identical permissions to the application folder (Read + Modify)
- Both are configured for Windows Authentication
I'm stumped! Any ideas?
EDIT: Full error information:
**Detailed Error Information** Module IIS Web Core Notification BeginRequest Handler Not yet determined Error Code 0x80070005 Config Error Cannot read configuration file due to insufficient permissions Config File \\?\D:\Projects\Scope2\web.config Requested URL http://myserver:80/scope2/ Physical Path D:\Projects\Scope2\ Logon Method Not yet determined Logon User Not yet determined-
Ov's Pianist almost 13 yearsEdited answer to address the additional info.
-
CJM almost 13 yearsThe problem is, there is no web.config file. It is an ASP Classic application.
-
Ov's Pianist almost 13 yearsIIS doesn't know that without looking. IIS uses web.config to manage IIS settings, not just ASP.Net settings. So you'll either need to allow access to the app pool identity so it can look for a web.config file, or set the allowSubdirConfig property to false to stop it looking. Make sense?
-
Ov's Pianist almost 13 yearsOK - I'd be comparing the %windir%\system32\inetsrv\config\ApplicationHost.config files between machines.
-
CJM almost 13 yearsOK - I'm away on business for a week, but will check this when I get back.
