One moment please...
 
E-WMS   
 

How to grant file rights on the E-WMS IIS folder


This document describes how to configure file rights needed for E-WMS on the IIS server, when using Internet Explorer as client application.

 

In order to run E-WMS client in Internet Explorer (on PC or mobile device), some local system accounts need local file rights on the folder where the E-WMS IIS files are located.  When using WMSClient (CAB installation on mobile device or WMSClient.msi installation on PC), this document does not apply.

The reason for these required rights is that E-WMS will save the selected layout (device model or resolution, linked to the devices network MAC address) in file terminals.config in the WMS ASP folder. When using WMSclient, this method is not used.  Typical behavior when these rights are missing, is that the WMS 'device setup' page DeviceSetup.aspx will keep showing.


Determine ASP.NET account

First, the system account used for ASP.NET needs rights. You can check what system account is used for ASP.NET, by checking the 'logon account' for the Windows service 'ASP.NET State Service', on the IIS server:

  • Go to Start, Settings, Control Panel, Administrative tools, Services
  • locate "ASP.NET State Service"
  • Right-click on this service and choose Properties, tab Log On

    The account used will in most cases be "NT AUTHORITY\NetworkService" or "Network Service".

    (Windows XP/2003)
    (Windows 7/2008)


Determine IIS account

Next, the default system account used for IIS processes needs to be determined. Please see document E-WMS ASP: how to determine the IIS user name.

Normally, this user name would be 'IUSR', 'IISUSR' or an account named 'IUSR' + server name.

 

Grant rights

In File Explorer, browse to the folder where the E-WMS IIS files are located, for example C:\E-WMS\IIS.

Right-click this folder and choose Properties, tab 'Security'.

If you are missing tab 'Security', disable option 'Use simple file sharing' in Windows Explorer menu Tools, Folder options, tab View.


Grant the following local users or groups at least 'modify' rights:

  • the ASP.NET State Service login account ("Network service", as determined earlier)
  • IIS user (IUSR, IISUSR or IUSR_pcname) also listed as "Internet guest account", as determined earlier
  • IIS_IUSRS group (noted on Windows 2008 server)
  • ASPNET user (may not exist, than disregard)
  • In some cases it may be necessary to also include the local group Everyone

If these users are not in the security list, here is how to add these users or groups:

  • On Windows 7/2008: press Edit first
     
  • Press Add, Advanced.
     
  • Make sure that 'location' indicates the local server or PC and not your network domain. Change if necessary by using button Locations.
     
  • Press Find now
     
  • You will see a list of local users and groups, select the user(s) that were missing (CTRL+Click enables multi select)

     
  • Press OK, the users are added in the previous screen, press OK again.
     
  • Now select each user and grant at least modify rights

     
  • Press OK when done

Pick-it

Related documents

 

     
 Main Category: Support Product Know How  Document Type: Support - On-line help
 Category: On-line help files  Security  level: All - 0
 Sub category: Details  Document ID: 21.156.544
 Assortment: E-WMS  Date: 17-08-2017
 Release:  Attachment:
 Disclaimer