How to setup a website to access content on a remote NAS server

One of the more common questions in the newsgroups.  "How can I have my content on a remote server vs. the local web server?".   This article is a step by step how-to serve content from a remote server.  This article assumes there are two machines, 1 web server and 1 content server.  Lets get started.


Setting up environment.

Creating the local user id that will be used to authenticate to the remote share.  You could also create using Computer Management MMC.

Setup the WebSite

To run ASPX webpages you’ll need to ensure the local user has MODIFY permission to the temporary folder where .NET pages are compiled.  If you do not, you could get this error listed below.

If you continue to have issues executing ASP.NET webpages.   You probably need to grant CASPOL permissions.  The command is listed below.


Here is a sample error when executing ASP.NET content on a remote share.   

System.Security.SecurityException: Security error.

Source Error:

Line 57:         private static System.Collections.ArrayList
Line 58:
Line 59:         public Default_aspx() {
Line 60:             System.Collections.ArrayList dependencies;
Line 61:             if ((ASP.Default_aspx.__intialized == false)) {

Source File: D:ASPNetTempauthors_gfweis3070428c5b9f07db9nidezwv.0.cs
Line: 59

Stack Trace:

[SecurityException: Security error.]
   GfWeis._Default..ctor() +0
   ASP.Default_aspx..ctor() in


CASPOL to the Rescue

What is CASPOL?  This is a command line utility to adjust the security on the CLR and .NET framework.  There is also two MMC’s under the Administrative Tools to help adjust the CAS settings.   In order to see all the settings CASPOL can do, open a command prompt and type in CASPOL /?     Be very careful before adjusting these settings.  This shouldn’t be done on your production server without first testing on development server.  Here is more information on MSDN about CASPOL as well as many other tools provided by the .NET framework.  Code Access Security Policy Tool (Caspol.exe) (Allows you to examine and modify machine, user, and enterprise-level code access security policies.)

Here is the command that did the trick!

caspol -m -ag 1 -url "file://\ServerNameRemoteContent$*" FullTrust -exclusive on

Here is a couple of troubleshooting command line items used.

In conclusion, this is just one example of how to setup a website to access content on a remote server.   We would suggest setting up a test environment so you understand the settings before implementing into a production environment.   We used a local user on both servers, if you have a Active Directory Domain available you could use a Domain user vs. a local user.

Reference links

Deploying and Configuring Internet Information Services (IIS) 6.0 with Remotely Stored Content on UNC Servers and NAS Devices

Hope this is helpful,

Steve Schofield
Microsoft MVP – IIS