04-09-2019 11:29 AM
I have a core-based workflow that saves a copy of the document to a network drive using the 'Export to Network Location' action. And, it is not working.
Diagnostics states: 'Export to Network Location' Doc 3986035: Exception Type 'System.UnauthorizedAccessException' Message 'Access to the path '\\XYZ\3986035.TIF' is denied.
MRG states: This should be a network location to which the user configured to run the IIS application pool, or the user being impersonated, has
appropriate rights.
1. Which app pool actually runs the workflow? I assume OnBaseApp.
2. Our App Pools are run as a NetworkService. How do I grant rights to the network folder for a NetworkService?
04-09-2019 12:30 PM
1. You can see which apppool is used by looking at the advanced settings for the web application running the app server. Here is a screenshot of my demo machine running the INETMGR windows admin snapin.
2. Network Service? Are you 100% sure your solution was not installed with the best practice of Identity Impersonation turned on? You may want to double check your application server web.config. Here is an example of a demo system not using Identity Impersonation:
Past this point, regardless of if you are or are not using Network Service, standard Windows/Network Admin steps can be followed for the task of folder sharing.
04-09-2019 01:53 PM
OK I found the username and password in the Registry. However they were encrypted by aspnet_setreg.exe ( I assume). How do you decrypt?
04-09-2019 02:24 PM
So you are confirming that Identity Impersonation is turned on? That's good news.
You can't really decrypt the credentials with the standard set of tools installed- it's meant to be secure. However, you can replace the user using Web Application Management console (installed on the Application Server). The option is in the Tools > Impersonation menu.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.