Authentication Dialog after adding dwp to a site

Topics: User Forum
May 19, 2006 at 9:45 AM
Hi

I exactly followed your install instruction (on your blog page on
http://weblogs.asp.net/bsimser/archive/2006/05/15/446555.aspx) a few days ago.

I was stuck at the point, where you have to modify (or create?) the Custom Policy File (Step 4). Well I found out that I have to modify the WSS_Medium* file located somewhere on the server.

So I backed up the original file, made the modifications and finally I resetted the iis.

so far so good.

then I created a document library on a wss subwebsite (teamsite template) with a "Website Template" instead of word template.

I then created a new website (one collumn only). Then I clicked at "Add Webpart to WebPartZone", imported the dwp and after saving the changed i was asked to enter the credentials into a login box.

ups.
none of the credentials I entered have been accepted :(

ok, then I created a new aspx website (with frontpage) in the root of the subwebsite.
imported the dwp (same way as described above).
after saving the changes the same happended.

I got the login dialog.

my system:
windows 2003 standard SP1 (technet edition) english version
IIS 6.0
ASP.NET 1.1.x
SQL Server 2003 SP3a (or maybe 4?)
wss services 2.0 german edition
english language pack installed
(tried the dwp on an german and english website; no change)

the wss site owner has user rights on the server

no domain is available

thanks for hlp



Coordinator
May 19, 2006 at 12:11 PM
What is the AppPool user running under? If it's NETWORK_SERVICE it might not work, you'll just need to create a local admin account and use that.
May 20, 2006 at 4:19 PM
Do I really need to run the app pool as a local admin to get it to work?

Had similar problems as above which was fixed by changing the identity of the app pool to Local System.
Coordinator
May 21, 2006 at 1:44 AM
Unfortunately the web part runs as the AppPool user to do it's stuff and generally this account is a local or domain account. As SYSTEM it doesn't have any privledges (or enough of them). It's better for your setup overall to run as an account rather than SYSTEM as you can have more/better control over access anyways.
May 21, 2006 at 10:56 AM
What is it that the webpart needs to do that requires those rights?

I got the web part to work pretty good now, and I think it looks great. But I it would be better if it could run with Network Service for the app pool.

Got some other problems which I don't know if they're related. If running the site with anonymous rights, and having the webpart on the home page, theres only an access denied (from IIS) page. No login prompt.
Coordinator
May 21, 2006 at 6:57 PM
Like I've said before, the web part does all adding and editing of lists and list items via the AppPool account. This is so you don't have to manually add hundreds of people to 5 lists everytime they want access to the site (and the way the forums works you can't pull it off with just one list).

As for anonymous access, again it's not meant to work in the scenario but I can look at what might be done to accomodate it in the future however things like Anonymous portals are not supported (by Microsoft) so I don't know how much effort I'll sink into this.