• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Permissions problems running applications (asp.net, php, etc)

S

ShonnG

Guest
I am having problems getting web applications on any web site running. Clicking any of the links in the Test Pages section of a new site's default page pops up a login request. Clicking cancel then shows a 401.2 - Unauthorized error.

I used Procmon to track it down and the IWAM_plesk account doesn't have the correct access. It seems that although web sites are configured with IUSR_domain the app pool is under IWAM_plesk and that is the account used for access. Adding access to IWAM_plesk changes the error messages, usually to not having access to a file needed by the script processor.

I found a kb about adding permissions to the gac for asp.net but that only fixes access to the assemblies.

I tried running through all the reconfigurator steps without any success and it seems that it backs out any permissions that I had added including the gac fix. Is this a problem with running Plesk on 2008 R2? Is there a fix?

Thank you,
Shonn


Windows 2008 R2
Plesk 9.5.1
 
Make sure that for "plesk(default)(2.0)(pool)" default Identity is IWAM_plesk(default). For DefaultAppPool - NetworkService
 
plesk(default)(2.0)(pool) was already IWAM_plesk(default) and DefaultAppPool was ApplicationPoolIdentity. I changed DefaultAppPool to NetworkService but it didn't make a difference since all the web sites are configured to use plesk(default)(2.0)(pool).

IWAM_plesk(default) is a member of psacln

The httpdocs folder has the following permissions:
- IWAM_plesk(default) - list folder contents only
- ftp_subaccounts - delete
- {domain} - full
- IUSR_{domain} - list/read
- Administrators - full

sub files of httpdocs have:
- System - full
- {domain} - full
- IUSR_{domain} - read
- Administrators - full

The web site:
Anonymous access under IUSR_{domain}
App pool: plesk(default)(2.0)(pool)
Intergrated mode
path: d:\ServerData\Domains\{domain}\

running Procmon shows that it's using the app pool's credentials (IWAM_plesk(default)) to access the files. Since IWAM_plesk(default) or psacln don't have access to anything it's reverting to Basic Authentication.

I could tweak the permissions to make it work for existing domains but the reconfigurator seems to want it like this and any new domains would be broken.
 
Well. I think it would be better if you contact Parallels support team and they will check your permissions directly on your server.
 
You must log in or register to reply here.

Similar threads

S
Question open_basedir and WordPress, general consensus needed, configured or none?
Replies
6
Views
3K
Duarte N
D
B
Question Google Permission Subdomain
Replies
2
Views
862
BrainMS
B
D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
6
Views
3K
WebHostingAce
WebHostingAce
H
Resolved Nginx + non "plain" Wordpress Permalinks error.
2
Replies
22
Views
9K
tomandersen
T
T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
1K
thespark
T
Back
Top