Workflow Soluiton

 View Only
  • 1.  Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 19, 2012 03:40 PM

     

    Does know if there’s a trick to getting the workflow to run with administrative rights in IIS in Windows Server 2008 using a domain admin account? I’ve done it for our Windows Server 2003 server a long time ago but for some reason it isn’t working for 2008. Here’s what I’ve done:

    ·         Assigned ASP.NET permissions to a domain admin account using aspnet_regiis – ga graham\domain admin account

    ·         Created a new app pool in IIS to run with using the domain admin account

    I've also tried running the setspn.exe -S http/IIS_computer's_NetBIOS_name DomainName\UserName and cscript adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM" from this link http://support.microsoft.com/default.aspx?scid=kb;EN-US;871179, The same workflow that is published to our 2003 server works but not on the 2008 server so there must be some different configuration on the 2008 server.

     



  • 2.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 19, 2012 03:51 PM


  • 3.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 19, 2012 04:02 PM

    Thanks but this is more in allowing workflows to access network folders to do an action like read/write files and I've setup the server pretty much as described in that article.



  • 4.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008
    Best Answer

    Posted Dec 19, 2012 06:14 PM

     

    So just to confirm, you did?:
    "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis –ga <domain\account>
    Changed AppPool Identity to <domain\account> and switched to Classic Mode
     


  • 5.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 19, 2012 07:09 PM

    Yep, did all that and not sure why it's not working. I swear when I did it on the 2003 server all I did were these two steps and it worked but for some reason it's not working for 2008.

     



  • 6.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 20, 2012 07:19 AM

    Are you only using Windows Authentication?



  • 7.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 20, 2012 07:51 AM

    Can you also confirm which Windows Features that you have installed



  • 8.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 20, 2012 09:47 AM

    OK, I think I had it all working all along but there appears to be something weird with the Read File component as I had to put an extra "\" in the path for some reason. The folder path I had to read the file is \\servername\D$\Folder\Filename.xml and I had to change it to \\\servername\D$\Folder\Filename.xml which doesn't make sense to me. This is on WF 7.1 SP1 build 7.1.1401.59 so I'm not sure it's a bug or something. 

    Thanks for the help AngelD.



  • 9.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 20, 2012 11:17 AM

    This is something we saw in May of this year (actually from another Connect post). For some reason, if your path would began with a double slash, it stripped a leading slash. Needless to say, this would cause lookups by UNC paths to behave extremely funky. We've since removed this logic... it should behave properly in 7.5.

    The workaround up above is how you get around it for now... use 3 slashes.



  • 10.  RE: Running a Workflow as a Domain Account in IIS for Windows Server 2008

    Posted Dec 20, 2012 12:35 PM

    Yea, it definitely messed with my testing to see if the workflow was running with Administrative rights. Thanks for the info reecardo and glad to know this is fixed in the 7.5 release.