Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Running a Workflow as a Domain Account in IIS for Windows Server 2008

Created: 19 Dec 2012 • Updated: 20 Dec 2012 | 9 comments
This issue has been solved. See solution.

 

Does know if there’s a trick to getting the workflow to run with administrative rights in IIS in Windows Server 2008 using a domain admin account? I’ve done it for our Windows Server 2003 server a long time ago but for some reason it isn’t working for 2008. Here’s what I’ve done:

·         Assigned ASP.NET permissions to a domain admin account using aspnet_regiis – ga graham\domain admin account

·         Created a new app pool in IIS to run with using the domain admin account

I've also tried running the setspn.exe -S http/IIS_computer's_NetBIOS_name DomainName\UserName and cscript adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM" from this link http://support.microsoft.com/default.aspx?scid=kb;..., The same workflow that is published to our 2003 server works but not on the 2008 server so there must be some different configuration on the 2008 server.

 

Comments 9 CommentsJump to latest comment

Aryanos's picture

Thanks but this is more in allowing workflows to access network folders to do an action like read/write files and I've setup the server pretty much as described in that article.

I like my beats fast and my bass down low

AngelD's picture

 

So just to confirm, you did?:
"C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis –ga <domain\account>
Changed AppPool Identity to <domain\account> and switched to Classic Mode
 

SOLUTION
Aryanos's picture

Yep, did all that and not sure why it's not working. I swear when I did it on the 2003 server all I did were these two steps and it worked but for some reason it's not working for 2008.

 

I like my beats fast and my bass down low

AngelD's picture

Are you only using Windows Authentication?

AngelD's picture

Can you also confirm which Windows Features that you have installed

Aryanos's picture

OK, I think I had it all working all along but there appears to be something weird with the Read File component as I had to put an extra "\" in the path for some reason. The folder path I had to read the file is \\servername\D$\Folder\Filename.xml and I had to change it to \\\servername\D$\Folder\Filename.xml which doesn't make sense to me. This is on WF 7.1 SP1 build 7.1.1401.59 so I'm not sure it's a bug or something. 

Thanks for the help AngelD.

I like my beats fast and my bass down low

reecardo's picture

This is something we saw in May of this year (actually from another Connect post). For some reason, if your path would began with a double slash, it stripped a leading slash. Needless to say, this would cause lookups by UNC paths to behave extremely funky. We've since removed this logic... it should behave properly in 7.5.

The workaround up above is how you get around it for now... use 3 slashes.

Aryanos's picture

Yea, it definitely messed with my testing to see if the workflow was running with Administrative rights. Thanks for the info reecardo and glad to know this is fixed in the 7.5 release.

I like my beats fast and my bass down low