I'm trying to configure the security settings for a folder. Not getting very far with it.
It is a data folder that will be used by an application running under IIS. This web app needs file create/read/write permission on that folder.
On the machine I'm trialling this, I'm running IIS 7/Win2K8, so IIS is running under the 'NETWORK SERVICE' account.
Ideally, there should be a way to find out what account IIS is running under, but that problem is secondary (although I'd like to know the answer to that too).
The folder that needs the permission set is \Target Computer\Application Folder\Data
I'm setting security through the Project Definition\Files & Folders -> \Target Computer\Application Folder\Data -> properties\permissions
I've tried a few combinations, but the installer fails to install successfully.
(Domain, Username)
[%USERDOMAIN], NETWORK SERVICE --> account doesn't exist (fair enough, it's a local machine account)
[%USERDOMAIN], NetworkService --> account doesn't exist
<blank>, NETWORK_SERVICE --> account doesn't exist (fair enough, it should be with a space, afaik)
NT AUTHORITY, NetworkService --> This fails during install, and logs this 1720 error in the event log.
NT AUTHORITY, NETWORK SERVICE --> This fails during install, and logs this 1720 error in the event log.
<blank>,NETWORK SERVICE --> This fails during install, and logs this 1720 errorin the event log. (this is the account setting I'd intuitively expect to work)
<blank>,NetworkService --> This fails during install, and logs this 1720 errorin the event log.
NT_AUTHORITY, NETWORK SERVICE --> This fails during install, and logs this 1720 errorin the event log.
"Product: TestXYZ Service -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action script error , : Line , Column , "
Pretty much stuck on this one. Any suggestions would be most appreciated.
Is there a variable to indicate the local machine (something like [%localmachine]) in the domain box, is it even required?
Ideally pre-populating the dropdowns with stuff like "the account IIS is running under" this would be really helpful. Equally having groupings of the flags, for standard read/write/full control as described in the help, would be really nice too.
Finally, how do you discover the account IIS is running under?
We really like advanced installer, so much nicer than installshield - but we need this resolved before our trial runs out (in 3 days -sigh), to proceed with our eval successfully.
Cheers,
F.