When you access remote resources with the FileSystemObject
through Active Server Pages (ASP), one of the following errors occurs:
Microsoft VBScript runtime error '800a004c' Path not
Microsoft VBScript runtime error
'800a0046' Permission denied
error 'ASP 0177 : 800a0046' Server.CreateObject Failed
If you edit the metabase incorrectly, you can cause serious problems that may require you to reinstall any product that uses the metabase. Microsoft cannot guarantee that problems that result if you incorrectly edit the metabase can be solved. Edit the metabase at your own risk.Note
Always back up the metabase before you edit it.
Use the following steps to resolve this
- Open the User Manager for Domains on the remote computer and create an account named IUSR_ComputerName (of the Web server). Give that account the same password that is
used on the IUSR_ComputerName on the Web server. If the Web site is running in
a separate memory space, then you must use the IWAM_ComputerName account
instead of the IUSR_ComputerName account.
Note: If you do not know the password of the IUSR_ComputerName, then you must assign a new password to this user. You must then
use User Manager for Domains to change the password for the IUSR_ComputerName account on the Web server. You must also use the command line
utility Adsutil.vbs to change the password in the metabase. To do so, open a
command prompt and change directories into Winnt\System32\Inetsrv\Adminsamples
(for Windows NT 4.0) or Inetpub\Adminscripts (for Windows 2000). Next, type the
following to change the password for the IUSR_ComputerName account:
cscript adsutil.vbs set w3svc/anonymoususerpass "password" Or, to get the password for the IWAM_ComputerName account type to
cscript.exe adsutil.vbs get w3svc/wamuserpassNotes
- If you are using a Windows 2000 domain controller or a Windows NT
4.0 primary domain controller (PDC), you must use a domain account instead of
using the IUSR_ComputerName account. You may have to wait for the domain to synchronize
before that account becomes available.
- When you try to obtain the password in Windows NT 4.0, the password appears as clear text. However, the password appears as asterisks in Windows 2000 and in Windows Server 2003. To obtain the password in clear text in Windows 2000 and in Windows Server 2003, you must modify the Adsutil.vbs file so that the file displays the unmasked password. To do this, follow these steps:
- In Notepad, open Adsutil.vbs.
- On the Edit menu, click Find.
- Type IsSecureProperty = True, and then click Find Next.
- Change "IsSecureProperty = True" to "IsSecureProperty = False".
- Save the changes to the Adsutil.vbs file, and then exit Notepad.
- Create a share on the remote server named "files" and
assign Read/Write permissions to that share for the user you just created.
- Use the Internet Service Manager of IIS 4.0 to change the
authentication method to anonymous access and synchronize the password with the
account you created in the previous step:
- Open the Internet Service Manager.
- Right-click the Web Application, and select Properties.
- Select the Directory Security tab.
- Select Edit from the "Enable Anonymous Access and Authentication Control"
- From the dialog box that appears, make sure that "Allow
Anonymous Access" is selected, and then click Edit.
- De-select the "Enable Automatic Password
Synchronization" option and type in the username(IUSR_ComputerName) and the password.
- Created an ASP page in the Web Project to write to a text
file like the following:
Set ScriptObject = Server.CreateObject("Scripting.FileSystemObject")
Set MyFile =
MyFile.WriteLine "*** Write file test ***"
Myfile.writeline " file was written to at: " & Now
Myfile.writeline " "
- Save the page and preview it in the browser.
- The ASP code successfully created a text file located here:
This behavior is by design.
The authenticating user needs to have the proper NTFS and
share permissions to the resource that is being accessed. If using anonymous
access, the authenticating user will be the IUSR_ComputerName
account. If you need to access the resource using an
authenticated user, you can only use Basic Authentication. NTLM and Windows
Integrated Authentication (Windows 2000) cannot access remote resources because
of a delegation problem. See the following article on the Microsoft Developer
Network (MSDN) for more information:
In a Windows 2000 environment, you can enable delegation and use
Windows Integrated Authentication for your site. For more information on using
delegation in Windows 2000, see the following article on the Microsoft
TechNet Web site:
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
FIX: ASP fails to access network files under IIS 4.0 and IIS 5.0
Error 800a0035 when you use the FileSystemObject object
Article ID: 197964 - Last Review: March 22, 2007 - Revision: 7.7
- Microsoft Active Server Pages 4.0
- Microsoft Internet Information Server 3.0
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
|kbbug kbcodesnippet kberrmsg kbfix kbfso kbiis500fix kboswin2000fix kbprb kbscript kbsecurity KB197964|