Getting Started (.Net) |
||||
Getting Started (.NET Framework)
1. Create a local account (for example, “CustomASPNET”) 2. Make sure you use a strong password for the account. 3. Clear the User must change password at next logon option. 4. Select the Password never expires option. This procedure assigns the minimum set of privileges necessary to run ASP.Net.
Note To assign a privilege to an account, double-click the privilege, and the click Add to select the required account. Close the tool. This procedure grants the custom ASP.Net account required NTFS permissions within the local file system. Note The steps in this procedure apply to the file system on the Web server (and not a remote computer, where you may be duplicating the account, for network authentication purposes).
Assigning NTFS permissions Start Windows Explorer and assign the appropriate permissions to the folders specified in [Table #1]. Note To change permissions in Windows Explorer, Right click the folders in Windows Explorer, click the Properties menu option, and select the Security tab. To apply changes to child objects click the Advanced button on the properties dialog box, and select the option Replace permission entries on all child objects with entries shown here that apply to child objects. Click OK on the Advanced Security Setting dialog box, and then click Apply, or OK. 4. Configure ASP.Net to Run Using the New Account This procedure edits the machine.config to configure ASP.NET to run using the new account.
To Configure ASP.NET to run using the new account
1. Open
machine.config using Visual Studio.Net or Notepad. C:\WINNT\Microsoft.NET\Framework\<version>\CONFIG\ 2. Locate the <processModel> element and set the user name and password attributes to match your new custom account. Default: <!—username=”machine” password=”AutoGenerate” -- > Becomes: <!—username=”CustomASPNET” password=”YourStrongPassword” -- > 3. Save the changes to machine.config Note With the current release of the .NET Framework, there is no way to avoid storing the password in clear text. While storing clear text credentials is not recommended, the machine.config file is considered more secure because it is located outside the Web space. You should secure machine.config against unnecessary access by using an appropriately configured ACL. In Windows Server 2003, the credentials will be encrypted for greater protection. |
||||
Copyright © 2003, 1991 - 2002 |
||||
|
||||
Last Updated 06/30/2004 |