FIX: "Failed to start monitoring directory changes" error message when you browse to an ASP.NET page (317955)
The information in this article applies to:
- Microsoft ASP.NET (included with the .NET Framework) 1.0
This article was previously published under Q317955 SYMPTOMS
When you browse to an ASP.NET (.aspx) page, you may receive one of the following error messages:
Access denied to 'D:\MyWeb\Users\MainDirectory\MyApplication\' directory. Failed to start monitoring directory changes.
Access denied to 'D:\MyWeb\Users\MainDirectory\MyApplication\SamplePage.aspx'. Failed to start monitoring file changes.
For more information about the call stack traces that are associated with each of these error messages, see the "More Information" section.
CAUSE
To detect file changes, the process identity and the impersonated user identity must have specific permissions to all of the directories in the hierarchy of the file path for the file that ASP.NET is monitoring if any of the directories in that hierarchy have more than eight characters in their names.
Some examples of the files that ASP.NET monitors are as follows:
- Web.config files
- Machine.config files
- Files in the Bin directory of an ASP.NET application
- Cache dependency files
You receive the first error message if the Aspnet_wp.exe process identity (the ASPNET account by default) does not have permissions on at least one of the directories in the hierarchy of that file path.
You receive the second error message if the impersonated account does not have permissions on at least one of the directories in the hierarchy of that file path.
RESOLUTION
Use either of the following methods to resolve this problem.
Method 1
Make sure that all of the directory names in the hierarchy of that file path are less than nine characters long.
For example:
C:\Web\Users\MainDir\Site1
Note If you rename the directories so that the length of each directory name is now fewer than nine characters, after you make the required changes in the configuration of the Web site in Microsoft Internet Information Services (IIS) to deal with the directory renaming, you have to restart IIS. Method 2
Grant the required permissions on all of the directories in that hierarchy to the ASP.NET process account (ASPNET by default) or to the impersonated account (if impersonation is turned on). To do this, follow these steps:
- In Windows Explorer, browse to the application folder or to the virtual directory that contains the content (for example, D:\MyWeb\Users\MainDirectory\MyApplication).
- Right-click the folder, and then click Properties.
- On the Security tab, click Add.
- Type ComputerName\ASPNET (for example, on a computer that is named Webdev, type Webdev\ASPNET), and then click OK. If impersonation is turned on, you must also add the impersonated accounts.
- Allow the following permissions for the ASPNET account (and for the impersonated accounts if impersonation is turned on):
- Read & Execute
- List Folder Contents
- Read
- Click OK to close the Properties dialog box and to save the changes.
- Repeat steps 2 through 6 for all of the folders in the hierarchy of the path. For example:
- D:\MyWeb\Users\MainDirectory
- D:\MyWeb\Users
- D:\MyWeb
- D:\
If you want to grant more restrictive permissions to these folders, follow these steps after you complete step 5:
- Click Advanced.
- On the Permissions tab, click the permission entry for the ASPNET account (or another impersonated account), and then click Edit.
- Click Clear All, and then click to select the Allow check box for the List Folder / Read Data permission.
NOTE: The application virtual directory (for example, D:\MyWeb\Users\MainDirectory\MyApplication) must have at least the permissions that are specified in step 5. - Restart IIS.
Method 3If your computer is running IIS 6.0, grant the required permissions on all the folders in that hierarchy to the Network Service account. To do this, follow these steps: - In Windows Explorer, locate the application folder or the virtual directory that contains the content (for example, D:\MyWeb\Users\MainDirectory\MyApplication).
- Right-click the folder, and then click Properties.
- On the Security tab, click Add.
- Type ComputerName\NETWORK SERVICE (for example, on a computer that is named Webdev, type Webdev\NETWORK SERVICE), and then click OK. If impersonation is turned on, you must also add the impersonated accounts.
- Allow the following permissions for the Network Service account (and for the impersonated accounts if impersonation is turned on):
- Read & Execute
- List Folder Contents
- Read
- Click OK to close the Properties dialog box and to save the changes.
- Repeat steps 2 through 6 for all the folders in the hierarchy of the path. For example:
- D:\MyWeb\Users\MainDirectory
- D:\MyWeb\Users
- D:\MyWeb
- D:\
If you want to grant more restrictive permissions to these folders, follow these steps after you complete step 5:- Click Advanced.
- On the Permissions tab, click the permission entry for the Network Service account (or another impersonated account), and then click Edit.
- Click Clear All, and then click to select the Allow check box for the List Folder / Read Data permission.
Note The application virtual directory (for example, D:\MyWeb\Users\MainDirectory\MyApplication) must have at least the permissions that are specified in step 5. - Restart IIS.
Note These steps are only valid for Web applications that are hosted in IIS 6.0. STATUSMicrosoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.
This bug was corrected in ASP.NET (included with the .NET Framework) 1.1.
REFERENCES
For additional information about the same error message in a different scenario, click the following article number to view the article in the Microsoft Knowledge Base:
316721
"Failed to start monitoring directory changes" error message when you browse to ASP.NET page
For additional information about the permissions that the ASPNET account requires to run your ASP.NET applications, click the following article number to view the article in the Microsoft Knowledge Base:
317012
Process and request identity in ASP.NET
For additional information about ASP.NET security, click the following article number to view the article in the Microsoft Knowledge Base:
306590
ASP.NET security overview
Modification Type: | Minor | Last Reviewed: | 7/8/2005 |
---|
Keywords: | kbfix kbbug kbCaching kbpending kbSecurity KB317955 |
---|
|