We started seeing the following new error yesterday from an ASP.NET 4.5 site hosted in IIS 7 on Windows Server 2008 R2:
Application information:
Application domain: /LM/W3SVC/3/ROOT/V_1.0.00-1-131431442115804150
Trust level: Full
Application Virtual Path: /V_1.0.00
Application Path: D:\Programs\acme\SERVICES\doc.svc.acme.com\V_1.0.00\
Machine name: Server10P
Process information:
Process ID: 3508
Process name: w3wp.exe
Account name: acme\svcAccP
Exception information:
Exception type: HttpException
Exception message: Cannot execute a program. The command being executed was “D:\Programs\acme\SERVICES\doc.svc.acme.com\V_1.0.00\bin\roslyn\csc.exe” /shared /keepalive:”10″ /noconfig /fullpaths @”C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\v_1.0.00\b433f207\d3dc5e21\nsxn4kcn.cmdline”.
at System.Web.Compilation.BuildManager.ReportTopLevelCompilationException()
at System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled()
at System.Web.Compilation.BuildManager.CallAppInitializeMethod()
at System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException)
Cannot execute a program. The command being executed was “D:\Programs\acme\SERVICES\doc.svc.acme.com\V_1.0.00\bin\roslyn\csc.exe” /shared /keepalive:”10″ /noconfig /fullpaths @”C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\v_1.0.00\b433f207\d3dc5e21\nsxn4kcn.cmdline”.
at System.CodeDom.Compiler.Executor.ExecWaitWithCaptureUnimpersonated(SafeUserTokenHandle userToken, String cmd, String currentDir, TempFileCollection tempFiles, String& outputName, String& errorName, String trueCmdLine)
at System.CodeDom.Compiler.Executor.ExecWaitWithCapture(SafeUserTokenHandle userToken, String cmd, String currentDir, TempFileCollection tempFiles, String& outputName, String& errorName, String trueCmdLine)
at System.CodeDom.Compiler.Executor.ExecWaitWithCapture(IntPtr userToken, String cmd, String currentDir, TempFileCollection tempFiles, String& outputName, String& errorName)
at Microsoft.CodeDom.Providers.DotNetCompilerPlatform.Compiler.Compile(CompilerParameters options, String compilerFullPath, String arguments, String& outputFile, Int32& nativeReturnValue)
at Microsoft.CodeDom.Providers.DotNetCompilerPlatform.Compiler.FromFileBatch(CompilerParameters options, String[] fileNames)
at Microsoft.CodeDom.Providers.DotNetCompilerPlatform.Compiler.CompileAssemblyFromFileBatch(CompilerParameters options, String[] fileNames)
at System.Web.Compilation.AssemblyBuilder.Compile()
at System.Web.Compilation.BuildProvidersCompiler.PerformBuild()
at System.Web.Compilation.ApplicationBuildProvider.GetGlobalAsaxBuildResult(Boolean isPrecompiledApp)
at System.Web.Compilation.BuildManager.CompileGlobalAsax()
at System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled()
Access is denied
Request information:
Request URL: http://doc.svc.acme.com/v_1.0.00/api/statement/00077/3080922/Exists
Request path: /v_1.0.00/api/statement/00077/3080922/Exists
User host address: 20.40.80.60
User:
Is authenticated: False
Authentication Type:
Thread account name: acme\svcAccP
This csc.exe executable is the Roslyn compiler executable which is used with the runtime compilation feature of ASP.NET to support the compilation of ASP.NET files (.aspx, .ascx, .svc, .cshtml and .vbhtml). This feature allows changes to supported files on a live site to be updated and rendered without a full project compilation and redeploy of the site. More details can be found at –
The Problem
In our case, the AppPool service account didn’t have rights to write or execute files (including the csc.exe file in the bin folder) in the site folder, thus the “Access Denied” error. This was confusing because our IIS website setup PowerShell script had logic to give the user account full control of the folder. After some further testing we found the folder security was be reset to Read only during the application deployment.
Solutions
The two options we considered follow:
Pre-Compilation
You can use the ASP.NET Pre-Compilation feature to precompile all your views and then also disable runtime updates. This potentially requires changes to the build process and build server to make the aspnet_compiler.exe available during the build. We opted for the next, easier solution.
For more details, on Pre-Compilation check the following documentation:
https://msdn.microsoft.com/en-us/library/bb398860(v=vs.100).aspx
Disable ACLs Deployment
The other option was to disable deployment of ACLs. WebDeploy adds ACLs to deployments by default but it’s easy to disable this feature by setting the following MSBuild Property either in your project file or in your wpp.target extension file:
<PropertyGroup>
<IncludeSetAclProviderOnDestination>False</IncludeSetAclProviderOnDestination>
</PropertyGroup>
If you found this post helpful or have further questions please use the comments below to continue the conversation.
Happy Compiling!