Forum Moderators: open
In IIS, I have tried giving the visitor permissions to run the application by creating a separate application pool, creating a web service extension, etc, but it will not run.
The only way it will run is if I give the anonymous user temporary access to execute CMD.EXE in system32. Obviously I do not want to do this but I can not find a way for it to run otherwise.
I am using IIS 6.0 and know there are security restrictions to this sort of thing. Is there a secure way to give the visitor access to run a CLI based application?
Below is a sample of the PHP script:
Built the Executable statement $LOCALAPPLICATION_Appl = "$LOCALAPPLICATION_ -r $LOCALAPPLICATION_RegNum";
$LOCALAPPLICATION_Parms = "-s -p -l $LogFile -o $OutPdfFile $InPdfFile $InFdfFile";
$LOCALAPPLICATION_Cmd = $LOCALAPPLICATION_Appl . $LOCALAPPLICATION_Parms;#Execute the LOCALAPPLICATION_ command line and get the return code.
$Return = system($LOCALAPPLICATION_Cmd);
and some suggestions in other dev circles, it looks like giving R ACL access to IUSR_LOCAL is normal to run CLI commands. Is this accurate? I will look at other resources but want to be sure.
If you want to do the same thing as with PHP but on IIS, you need to use ASP.Net. Have a look at the Process class documentation for details on how to do it.
