We have been having issues migrating to a new IIS server as many of the documents accessible through our web apps cannot be edited. This includes things such as XML files we use for settings.

When we try and overwrite existing files (that have been copied from the old IIS server) with new versions, for instance a new settings.xml file, we get permission denied. We have a number of things to give the app pool permission to overwrite files but we have not been successful. This includes giving the NETWORK SERVICE user account full control over the file as well as the folder.

This issue, however, goes away if we delete these files and regenerate them from scratch. For instance the settings.xml file can be deleted manually, then the app can regenerate one with default values. This works fine.

Basically the issue is that if we copy files ourselves into the folder, the web app throws an

"Access to the path [..FILENAME..] denied"

however we remove that file and allow the web app to generate the file on it's own, it then has full access to the file and can overwrite/write to it without an issue.

While we can obviously go through this process file by file, we are looking for a more sustainable solution so that we do not have keep deleting/regenerating files in the future.

Here are a couple of things to try. One edits the file security to remove any "deny" access permissions and to give your app full rights, and the other removes any "read only" settings on a file and sets the attributes to "normal" (I've had to use this one in the past):

protected void Page_Load(object sender, EventArgs e)
{
    string path = Server.MapPath("theFileLocation");
    RemoveFileSecurity(path, @"App Pool Identity", FileSystemRights.FullControl, AccessControlType.Deny);
    AddFileSecurity(path, @"App Pool Identity", FileSystemRights.FullControl, AccessControlType.Allow);

    FileAttributes a = File.GetAttributes(path);
    a = RemoveAttribute(a, FileAttributes.ReadOnly);
    File.SetAttributes(path, FileAttributes.Normal);
}

private FileAttributes RemoveAttribute(FileAttributes attributes, FileAttributes attributesToRemove)
{
    return attributes & ~attributesToRemove;
}


private void AddFileSecurity(string fileName, string account, FileSystemRights rights, AccessControlType controlType)
{
    FileSecurity fSecurity = File.GetAccessControl(fileName);
    fSecurity.AddAccessRule(new FileSystemAccessRule(account, rights, controlType));
    File.SetAccessControl(fileName, fSecurity);
}

private void RemoveFileSecurity(string fileName, string account, FileSystemRights rights, AccessControlType controlType)
{
    FileSecurity fSecurity = File.GetAccessControl(fileName);
    fSecurity.RemoveAccessRule(new FileSystemAccessRule(account, rights, controlType));
    File.SetAccessControl(fileName, fSecurity);
}