Wanted to get my first SqlCE site up and running tonight but ran into several problems that seemed to take a long time to solve in conjunction with the hosting company.  Got it all working in the end but not knowing a huge amount about IIS I wanted to check it was OK .......

I downloaded and unzipped 2-3-5-1 and uploaded it then set the permission on App_Data and Data to be writeable by IIS_WPG and Network Service - tried that and got file permissions OK but access denied (mscorlib error).  Noticed the readme in the download file and also added the application identity to it but got the same error.  I spoke with the hosting company and also noticed some asp errors in the event log/application section.  They re-registered asp.net 4.0 and then added full permissions to ASP.NET and Modify permissions to Network and Network Service users and then it all seemed to work fine, the identity on the application user seems to just have List Folder Content rights.....

The server is running on MS2003 and IIS 6.0 with full details below.  It is all working fine now but I just wanted to check whether this setup was acceptable and pass this info on to anyone else who experiances the same.  It may all have been caused by the whole asp.net 4.0 apparently needing registering again (although my other mojo sites were running fine during this period as I checked them!?)

mojoPortal Version 2.3.5.1 SqlCe
Operating System Microsoft Windows NT 5.2.3790 Service Pack 2
ASP.NET Version v4.0.30319 Running in Full Trust
Server Time Zone GMT Daylight Time
Server Local Time (GMT 1) 15/08/2010 23:22:38
Greenwich Mean Time (GMT/UTC) 15/08/2010 22:22:38

Thanks for the great work on this Joe, having been through the process once I can hopefully get mojo sites up and running faster than ever now! :-)

Regards

Andrew

Hi Joe,

Thanks for notifying me of this and the potential security risks.  This is on a cloud VPS system and no other sites have the same config - the MSSQL based sites have always worked fine with the setting Joe A has given - IIS_WPG and NetworkService having write access.  Can you confirm that these 2 still need the same access and in addition to set write access for the identity of your .NET Application Pool (which looks like IWPD_8(ftpxxxxxxx) - although as the server has plesk on it they appear in the permissions as Plesk IIS WP User(computer_name\IWPD_8(ftpxxxxxxx))

**I have been looking into this and I don't think IIS_WPG will need to be there as it is running on a dedicated application pool.....?

Thanks for your help,

Regards

Andrew

Thanks for the clarification Joe will alter accordingly, recycle the app pool and start and stop the site then run setup again to make sure it all works properly - I am glad you posted the additional info as I was just checking a MSSQL mojoportal site that I have running to compare permissions and it seemed to have 'lost' the IIS_WPG and Network Service permissions I set but I know it has all been working fine - your explanation saved me some time going in circles! 

Thanks to both Joe's for the assistance 

EDIT - OK reset the permissions to just he app pool ID and removed the others.  Recycled the app pool, stopped and restarted the site and ran setup again - all works fine........ I think sometimes I just like to over complicate things!!