Wednesday, October 29, 2008

Error in Application : ASP.NET application not able to access a file from a shared folder.

Problem: I am running an ASP.NET 2.0 application in IIS 6.0 which is trying to access a file available in a shared folder. All though the fie is available in the folder file.IsExist () method returns false. But same method works fine when trying to access another file available in a shared folder in a different Machine. The major difference between these two machines that I found initially is, first machine is running in a VMware environment. When trying to access the same file from a client side code it works fine for both the servers.

Solution: This problem was due to date time difference between the file server where file exists and the web server where the web application is running. It is working fine when accessing the file from client side code because it uses NT LAN Manager (NTLM) where as when accessing the file from server side code it uses Kerberos. The Kerberos client on the local computer encrypts a timestamp inside the authenticator and then sends it to the Key Distribution Center (KDC). If the KDC verifies that the time it decrypts from the authenticator is within a specified amount of the local time on the KDC (the default is five minutes), the system can assume that the credentials presented are genuine. SO if you synchronize the clock between two servers it will work.

There is another solution to this problem. You can change the value of the Maximum tolerance for computer clock synchronization setting to a higher value. Use the steps mentioned in the following URL to configure this setting.