[THIN] Re: Failed to create sample logon point - Solution

• From: "Tim Anderson" <timothylanderson@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Mon, 5 Mar 2007 10:59:05 -0600

I see that Citrix updated the technote to include adding these permissions
for the NETWORK SERVICE account after I posted.  LOL!

Regards

On 3/2/07, Tim Anderson <timothylanderson@xxxxxxxxx> wrote:

Just thought I would share with this excellent list something I came
across today and include a question.  When doing an AAC 4.5 install on a
fresh W2K SP1 fully patched VM I received a "Failed to create sample logon
point".  None of the solutions provide in the Citrix technote (
http://support.citrix.com/article/CTX107240) worked, although I did have
to turn off DEP.  The event logs showed this error:

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 3/2/2007 2:43:31 PM
Event time (UTC): 3/2/2007 8:43:31 PM
Event ID: d76df30f893e45d3821b465a8cf80978
Event sequence: 1
Event occurrence: 1
Event detail code: 0

Application information:
    Application domain:
/LM/W3SVC/1/Root/CitrixAuthService-5-128173418114919635
    Trust level:
    Application Virtual Path: /CitrixAuthService
    Application Path: c:\inetpub\wwwroot\CitrixAuthService\
    Machine name: AAC

Process information:
    Process ID: 3056
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWORK SERVICE

Exception information:
    Exception type: HttpException
    Exception message: The current identity (NT AUTHORITY\NETWORK SERVICE)
does not have write access to
'C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files'.

Request information:
    Request URL: http://localhost/CitrixAuthService/AuthService.asmx
    Request path: /CitrixAuthService/AuthService.asmx
    User host address: 127.0.0.1
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWORK SERVICE

Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWORK SERVICE
    Is impersonating: False
    Stack trace:    at 
System.Web.HttpRuntime.SetUpCodegenDirectory(CompilationSection
compilationSection)
   at System.Web.HttpRuntime.HostingInit(HostingEnvironmentFlags
hostingFlags)


After giving the NETWORK SERVICE account permissions to write to
%SystemRoot%\Microsoft.NET\Framework\v2.0.50727, I was able to create the
sample logon point.  By giving the NETWORK SERVICE account write permissions
in the .NET Framework am I opening up something that should not be open?
Would it be wise to remove those permissions and reinstate them if I need to
create another logon point?

Regards,

Tim

• Follow-Ups:
  • [THIN] Re: Failed to create sample logon point - Solution
    • From: Steve Greenberg

• References:
  • [THIN] Failed to create sample logon point - Solution
    • From: Tim Anderson

Other related posts:

• » [THIN] Failed to create sample logon point - Solution
• » [THIN] Re: Failed to create sample logon point - Solution
• » [THIN] Re: Failed to create sample logon point - Solution

1. Home
2. thin
3. Archive
4. 03-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---