I have a JScript based ASP page (IIS 5.0) that must launch an exe file on the server. Thing is, this exe (an ldapsearch client) then connects to another server (an LDAP server, obviously) to get its return information and pass it back to the waiting ASP page variable.

I cannot get this to work from a webpage, but it works fine when run through command prompt locally (logged in as admin in this case).

Anybody have ideas on the permissions or anything else I should be looking at to make this work? Urgent response required if at all possible!! Thanks!

LB

hi lb

the iis acceess the system resources or more specifically anything outside its own space by using iusr_<computername> or iwam_<computername> accounts. These accounts are guest account and have limited access. I hope this is the rael bottleneck for you. If you are hosting your own web server then try changing the access permission of these accounts.

You are able to execute through commandline because that action is using admin account (as stated by you).

Anubhav Kumar

Thanks for responding. I'll give you an update.

The exe file I'm trying to execute is an LDAP client tool for IBM directory server 4.1. There are a bunch of dll's that need to be available for the tool to use, in the same folder as the exe, for it all to work.

I have since used cacls on the exe file and given IUSR_<computername> read/execute privs on it. What happens now is when the ASP script attempts to run the file, I get a popup error on the server that the exe is complaining it can't find one of it's dll's, and it cites that the dll wasn't found in any of the paths in the system Path variable. Thing is, the correct path is listed in that variable, and you can even see it in the error msg!

Should I give more permissions to the IUSR account to the exe's parent folder and other dll files?

Any ideas?