Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

BUG: "ExternalException: Cannot Execute a Program" Error Message When You Call WebServices from .aspx Page


View products that this article applies to.

This article was previously published under Q315904

↑ Back to the top


Symptoms

If you use Simple Object Access Protocol (SOAP) to call the WebServices method from an .aspx page, the .aspx page may fail when you run the Microsoft Internet Information Services (IIS) Lockdown tool. In addition, you may receive the following error message:
[ExternalException (0x5): Cannot execute a program. The command being executed was "d:\winnt\microsoft.net\framework\v1.0.3408\csc.exe" /noconfig @"D:\WINNT\TEMP\eyrpuhyg.cmdline".]
This problem only affects Web applications or Web services that are clients of a Web service and that impersonate the Anonymous user account.

↑ Back to the top


Cause

The IIS Lockdown tool denies execution access for the IUSR_COMPUTERNAME and the IWAM_COMPUTERNAME accounts to every executable file (*.exe) in the Windows directory (%windir%). This includes framework tools such as the Csc.exe file, which the XmlSerializer class uses. When a Web application or a Web service impersonates IUSR_COMPUTERNAME or IWAM_COMPUTERNAME, the Web application or the Web service cannot use XmlSerializer to serialize objects into Extensible Markup Language (XML) documents.

Note This problem does not affect the server side of a Web service because XmlSerializer is generated and compiled outside of the impersonation.

↑ Back to the top


Resolution

To resolve this problem, use one of the following methods:
  • Use a different, non-Anonymous account to impersonate. (This is the recommended method.)
  • Add sufficient permission for the executable files in the Windows directory.

↑ Back to the top


Status

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

↑ Back to the top


More information

Steps to Reproduce the Behavior

  1. Allow Anonymous access on the IIS application.
  2. Enable impersonation for the Web application in the local Web.config file as follows:
    <configuration>
      <system.web>	
    	<identity impersonate="true" />
      </system.web>
    </configuration>
    					
  3. Run the IIS Lockdown tool, or deny access to the IUSR_COMPUTERNAME or the IWAM_COMPUTERNAME account on the Csc.exe file before you request the page.

↑ Back to the top


References

For additional information about impersonation in an ASP.NET application, click the following article number to view the article in the Microsoft Knowledge Base:
306158� INFO: Implementing Impersonation in an ASP.NET Application
For additional information about XmlSerializer, click the article number below to view the article in the Microsoft Knowledge Base:
315703� HOW TO: Serialize an Object to XML by Using Visual Basic .NET
For more information about Web services, refer to the following MSDN Web sites:
XML Web Services Developer Center
http://msdn.microsoft.com/webservices

XML Web Service-Enabled Office Documents (an Extreme XML column)
http://msdn2.microsoft.com/en-us/library/ms950767.aspx

In addition, refer to the "Creating and Accessing Web Services Walkthroughs" topic in the Visual Studio .NET Online Help documentation for more information about Web services.

↑ Back to the top


Keywords: KB315904, kbwebforms, kbsecurity, kbpending, kbbug

↑ Back to the top

Article Info
Article ID : 315904
Revision : 9
Created on : 3/29/2007
Published on : 3/29/2007
Exists online : False
Views : 735