.net application cannot access metabase.xml iis6

on 28.01.2007 23:22:20 by Ken Varn

Hi,

I have to modify an existing .net windows application that directly edits
the IIS6 metabase.
(I don't have the option of deciding to use ADSI/WMI in a Script because
it's an existing application).

It's been working fine for a long time up to now on our test servers and our
customers' servers (Windows 2003), but now when I've been testing it recently
I get the error
"Could not find file 'C:\WINDOWS\system32\inetsrv\MetaBase.xml'" when the
application tries to read from or write to the metabase.

I have checked - the file is present in the expected location, the Enable
edit while running flag is on in IIS manager,
the ntfs permissions on the file are for Administrators and SYSTEM to have
full control to metabase.xml, and I am running our .net application while
logged in to the server via remote desktop as an administrator, so I would
expect the application to be running with administrative privileges and
therefore be able to read/write to metabase.xml.

Why is this happening and what do I need to do to fix it?

Thanks for any help

Tessa

Re: .net application cannot access metabase.xml iis6

on 29.01.2007 01:18:40 by David Wang

> I am running our .net application while logged
> in to the server via remote desktop as an
> administrator, so I would expect the application
> to be running with administrative privileges and
> therefore be able to read/write to metabase.xml.

Incorrect assumption that the .net application is running with
administrative privileges.

Only IF you know that the application is either:
1. directly impersonating a user with administrative privileges, OR
2. if the .Net application is keeping the impersonated Windows user
identity AND IIS is authenticating

Then you know that a user token with administrative privileges is used
by the application.


My other question -- is this on a 64bit machine and if so, is the
worker process configured to run as 32bit? Because a 32bit ASP.Net
application is not allowed to touch
"C:\WINDOWS\system32\inetsrv\MetaBase.xml" on a 64bit machine. Search my
blog for "WOW64" or "64bit" reference to understand more about the
expected behavior and how to work with it.


My recommendation is to not rely on editing metabase.xml to configure
IIS because it is not supported as a "programmatic interface". You
will see on IIS7 that metabase.xml is deprecated already.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//




Re: .net application cannot access metabase.xml iis6

on 29.01.2007 07:08:55 by Ken Varn

Hi,

Thanks for the response,
However, this is an existing .net Windows application that is editing the
metabase.xml, it's not an asp.net application.

I have checked by getting it to write to a log file at runtime the value of
  System.Environment.UserDomainName: OURDOMAIN
  System.Environment.UserName: Administrator
so from this I'm concluding that it is running as an administrator (i.e. it's
running as the domain admin, which is a member of the administrators group
on the server)

For a windows app, how would you tell if it is actually running with any
lesser privileges than the account specified in system.environment?
I'm not sure how you would see if it's impersonating something else.

It is a 64-bit machine, but it is not configured to run in 32-bit mode as
far as I can tell:

  cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0

has been run on it, so according to http://support.microsoft.com/kb/894435 it
ought to be in 64-bit mode?

How can you tell (e.g. in IIS manager) if IIS is configured to run as
32-bit? In any case, it's not an asp.net application that's trying to edit
metabase.xml, so would that still be significant?

Thanks for any ideas

Tessa

Re: .net application cannot access metabase.xml iis6

on 29.01.2007 11:21:31 by David Wang

> For a windows app, how would you tell if it is actually
> running with any lesser privileges than the account
> specified in system.environment? I'm not sure
> how you would see if it's impersonating something else.

You can't tell without source code or attaching a debugger to monitor
exactly what happens. Even if you are running MSIL, code execution
eventually boils down to some thread in some Windows process with some
user token performing some action.

But I don't think permissions have anything to do with your issue. I
was simply trying to remind you against making improper assumptions,
especially when troubleshooting.

You have a regular .Net application running on a 64bit machine. I
thought you were referring to an ASP.Net application. However, all the
info in my blog entry still applies, just not the parts related to IIS
like Enable32bitAppOnWin64.

Make sure your .Net EXE is considered 64bit and not 32bit. Even though
your code in MSIL is platform agnostic, it is still launched from a
platform-specific EXE wrapper -- and I believe that wrapper is x86
(32bit) -- hence it is not able to read from %windir%\System32.

Recompile that application with x64 csc.exe/vbc.exe to get a 64bit EXE
wrapper, and it should work on your 64bit machine.

Note that a 32bit EXE calling supported APIs like ADSI/WMI would be
able to manipulate IIS configuration in the metabase without issues
nor recompilation on both 32bit and 64bit Windows. Hacks such as
direct manipulation of internal data structures like metabase.xml fall
victim to things like WOW64.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//




Re: .net application cannot access metabase.xml iis6

on 06.02.2007 04:25:42 by Ken Varn

Hi,

Have just been able to put this to the test:

Yes, after compiling for platform "any cpu" as opposed to "x86" in Visual
Studio 2005, the application can edit metabase.xml, so that explains the
problem.
However, it was originally compiled for x86 only because it calls other DLLs
that only work in 32-bit. We'll have to deal with them separately.....

Thanks for your help

Tessa

Re: .net application cannot access metabase.xml iis6

on 06.02.2007 13:38:02 by David Wang

If you want a process to load 32bit DLLs (note I'm saying 64bit
process can call 32bit EXE/DLL just fine -- as long as it's not
loading in the same 64bit process) and edit metabase.xml, you will
have to:
1. Compile a 32bit process
2. detect WOW64 on 64bit Windows
3. disable Wow64FileSystemRedirection on 64bit OS to allow the 32bit
process to read inside the System32 directory for metabase.xml
4. Caveat - you cannot do #3 in 32bit Windows, so you must perform #2
and run #3 only on a WOW64 process on 64bit Windows.

Sounds complicated, but that's what happens when you hack around the
built-in compatibility support. 32bit apps aren't supposed to reach
into System32 folder, and those that intentionally do so will need to
write special legacy code.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
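
The four steps listed above, written out in C# as an added example that is not part of the original thread and is not code from either poster. The class and method names (Wow64Fs, IsWow64, Unredirected) are hypothetical; the three kernel32 functions are the documented Win32 APIs, and the example only reads the file. It assumes the EXE is compiled for x86.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;

// Added example. Wow64Fs and its members are hypothetical names,
// not taken from the thread or from any Microsoft sample.
static class Wow64Fs
{
    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool IsWow64Process(IntPtr hProcess,
        [MarshalAs(UnmanagedType.Bool)] out bool wow64Process);

    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool Wow64DisableWow64FsRedirection(out IntPtr oldValue);

    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool Wow64RevertWow64FsRedirection(IntPtr oldValue);

    // Step 2: true only for a 32-bit process running on 64-bit Windows.
    public static bool IsWow64()
    {
        if (IntPtr.Size != 4) return false;   // native 64-bit process: nothing is redirected
        try
        {
            bool wow64;
            return IsWow64Process(Process.GetCurrentProcess().Handle, out wow64) && wow64;
        }
        catch (EntryPointNotFoundException)
        {
            return false;                     // kernel32 has no such export: 32-bit Windows
        }
    }

    // Steps 3 and 4: run one small file operation with redirection switched off,
    // but only when the process really is under WOW64. The switch is per thread
    // and also affects DLL loading from System32, so keep 'action' minimal and
    // always restore the previous state on the same thread.
    public static T Unredirected<T>(Func<T> action)
    {
        if (!IsWow64()) return action();      // step 4: never call the API elsewhere

        IntPtr oldValue;
        if (!Wow64DisableWow64FsRedirection(out oldValue))
            throw new Win32Exception();       // carries the last Win32 error code
        try
        {
            return action();
        }
        finally
        {
            Wow64RevertWow64FsRedirection(oldValue);
        }
    }

    static void Main()
    {
        string path = Path.Combine(Environment.GetEnvironmentVariable("windir"),
                                   @"System32\inetsrv\MetaBase.xml");

        // Under WOW64 the first check silently looks in SysWOW64 instead,
        // which is what produces "Could not find file ...\system32\...".
        Console.WriteLine("WOW64 process:               {0}", IsWow64());
        Console.WriteLine("Visible with redirection:    {0}", File.Exists(path));

        bool visible = Unredirected(() => File.Exists(path));
        Console.WriteLine("Visible without redirection: {0}", visible);

        if (visible)
        {
            long bytes = Unredirected(() => new FileInfo(path).Length);
            Console.WriteLine("MetaBase.xml size in bytes:  {0}", bytes);
        }
    }
}
```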


