Edit report at http://bugs.php.net/bug.php?id=50542&edit=1
ID: 50542 Comment by: Reported by: dd at headlineweb dot nl Summary: scandir() cannot open UNC paths since PHP 5.3.1 Status: Feedback Type: Bug Package: *Directory/Filesystem functions Operating System: win32 only - W2003 PHP Version: 5.3.1 Assigned To: pajoye New Comment: Hi Pajoye, my last comment was wrong (had a cached version of a test I ran, therefore I had wrong results). The correct solution is to actually set the "Physical Path Credentials" and leave "Physical Path Credentials Logon Type" as it is (viz. "ClearText"). This however raises an IIS bug that the credentials of the Application Pool don't get passed to the path correctly, although it's set to take over the App Pool credentials. Anywho, for now the issue indeed is solved indeed; A tad bit of documentation would be handy indeed ;-) Regards, B! Previous Comments: ------------------------------------------------------------------------ [2010-03-09 16:42:14] paj...@php.net Ah! I was beginning to think that I was either stupid, blind or both :) Can I consider this issue as solved (but need to be documented, cruelly)? ------------------------------------------------------------------------ [2010-03-09 16:26:05] bramus at bram dot us Hi Pajoye, thanks for your fast reply. I've dugg a bit deeper (thanks to your link) and got it working by leaving ""Physical Path Credentials" untouched (viz. take over the credentials from the Application Pool) and by changing the "Physical Path Credentials Logon Type" from "ClearText" to "Network". By doing so it now works fine. Regards and thanks for your help, Bram. ------------------------------------------------------------------------ [2010-03-09 15:59:47] paj...@php.net hi Bram, This doc (IIS link) is incomplete, it is important to remember that the IUSR(_xxx) is impersonate and anonymous. See: http://support.microsoft.com/kb/207671 This user also has limitations per default, which limits access to remote resources. The reasons and possible workarounds are explain in this kb. PHP 5.2 impersonation was only partial and fails to actually run a process under the choosen users. We have tested 5.3 share access (normal shares or DFS) successfully using 2k3, 2k8 (incl. R2 for both). To test it: - create a user´(site1user for example) - Open the IIS manager - change the Physical Path Credentials (iis 7.x) and set it to this new users - be sure that this user has access to the remote shares ------------------------------------------------------------------------ [2010-03-09 15:34:52] bramus at bram dot us Just tested both the PHP 5.3.2 and the (in this thread posted) PHP 5.3.3-dev builds and the problem still remains. The problem occurs on both WIN2K8 (IIS7) and WIN2K8R2 (IIS7.5) servers. Haven't tested on WIN2K3 though. And yes, impersonate is enabled (as per instructions as seen on http://learn.iis.net/page.aspx/246/using-fastcgi-to-host-php-applications-on-iis-70/) and the IIS user has access to the needed folder and files (the given site runs fine when PHP 5.2.x is used). Right now I'm getting this (both PHP 5.3.2 as PHP 5.3.3-dev) returned on a file where the IIS User + the magic "Everyone" has access to: - file_exists: false - filesize: stat failed for $file - file_get_contents: permission denied - etc. Regards, Bram. ------------------------------------------------------------------------ [2010-02-25 01:00:01] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=50542 -- Edit this bug report at http://bugs.php.net/bug.php?id=50542&edit=1
