windows 更改应用程序池标识时出错
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7330903/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error while changing identity for application pool
提问by Pavel F
I try change identity for application pool on Windows Azure. My project uses this application pool when works on Windows Azure. By default application pool uses NetworkService identity, but I must use another identity. I try change it in OnStart()event of WebRole by this way:
我尝试在 Windows Azure 上更改应用程序池的标识。我的项目在 Windows Azure 上运行时使用此应用程序池。默认情况下,应用程序池使用 NetworkService 标识,但我必须使用另一个标识。我尝试OnStart()通过这种方式在WebRole 事件中更改它:
using (ServerManager serverManager = new ServerManager())
{
string appPoolName =
serverManager.Sites[RoleEnvironment.CurrentRoleInstance.Id + "_Web"]
.Applications.First().ApplicationPoolName;
var appPool = serverManager.ApplicationPools[appPoolName];
appPool.ProcessModel.UserName = Environment.MachineName + "\UserName";
appPool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser;
appPool.ProcessModel.Password = "UserPassword";
serverManager.CommitChanges();
}
But I get exception with next message:
但我收到下一条消息的异常:
System.Runtime.InteropServices.COMException (0x80090016):
Keyset does not exist (Exception from HRESULT: 0x80090016)
at Microsoft.Web.Administration.Interop.AppHostWritableAdminManager.CommitChanges()
at Microsoft.Web.Administration.Configuration.CommitChanges()
at Microsoft.Web.Administration.ConfigurationManager.CommitChanges()
at Microsoft.Web.Administration.ServerManager.CommitChanges()
at Project.Web.WebRole.OnStart() in E:\Projects\...\Web\WebRole.cs:line 57
If I change identity in IIS manager I don't get any error. What is wrong with my code and why do I get this error?
如果我在 IIS 管理器中更改身份,则不会出现任何错误。我的代码有什么问题,为什么会出现此错误?
采纳答案by Pavel F
ok, here is my answer. This error occurs because NetworkService identity doesn't have Read access on the iisWasKey key. More information and how to resolve this problem I found here: "Keyset does not exist" error message when you try to change the identity of an application pool
好的,这是我的答案。发生此错误的原因是 NetworkService 身份对 iisWasKey 密钥没有读取权限。我在此处找到了更多信息以及如何解决此问题:当您尝试更改应用程序池的标识时出现“密钥集不存在”错误消息
回答by dunnry
Updates to the applicationHost.config require administrative privileges. When you run locally, you are an administrator. In the cloud, your RoleEntryPoint runs as a normal user unless you elevate the role. Have you done so?
更新 applicationHost.config 需要管理权限。当您在本地运行时,您就是管理员。在云中,除非您提升角色,否则您的 RoleEntryPoint 作为普通用户运行。你这样做了吗?
Check to see if you have <Runtime executionContext="elevated"/>specified inside your role declaration in ServiceDefinition.csdef.
检查您是否已<Runtime executionContext="elevated"/>在 ServiceDefinition.csdef 中的角色声明中指定。
Edit: Wade also showed how to do this using a slightly different method (check the comments). Try this as well
编辑:韦德还展示了如何使用稍微不同的方法来做到这一点(检查评论)。 也试试这个
