HAP 7 Installation Problem - AppPool

[gavlar]

Code:

icacls C:\inetpub\wwwroot\Hap /grant "IIS AppPool\HAP":(RX)

[enjay]

Thanks Gavlar, I'll give that a try...

[enjay]

Code:

icacls C:\inetpub\wwwroot\Hap /grant "IIS AppPool\HAP":(RX)

Perfect, that worked a treat. Thanks!

[nickbro]

Code:

icacls C:\inetpub\wwwroot\Hap /grant "IIS AppPool\HAP":(RX)

Thanks @gavlar, I've posted this to the Home Access Plus&#43

[enjay]

Other points worth adding to the documentation would be deleting the endpoint lines at the end of the web.config - you posted that to someone on here, and I had it too, so it is unlikely we're the only two.

I also had the remove the line about svg MimeTypes, so if that is something wider then it would be worth documenting too.

Awesome app, by the way, not sure I've said that enough yet!!

[nickbro]

I'll add them to the documentation tab on codeplex tonight

[carolynwhile]

Hi
I have tried the cacls command as described thanks and it sets permissions on the HAP folder but the HAP user is not shown anywhere lower down in the structure. I also had the original issue where I do not get the option to see user, group.. in the object type.

[nickbro]

See: Home Access Plus&#43

Code:

icacls C:\inetpub\wwwroot\Hap /grant "IIS AppPool\HAP":(RX)

Also



Notice I select the local server, and just type the name in, no going to Advanced...

If you are running this on a domain controller:

STOP!

1. can you run this on a member server?
a. If Yes, do so, HAP+ v7+ works best on a member server, although v6- works best on the PDC.
2. you need to enable interactive logons on the server. If your server is a Remote Desktop Server (which mine is), this is already set
3. If you insist on a PDC, make sure Buit-in security principals are selected to search in.

[carolynwhile]

Hi
Presumably this version is not reliant in any way on easylink so I could install onto a member server as long as I created a new external dns mapping to that server ie HAP.kes.org.uk? Would you recommend doing it like this?
Thanks

[nickbro]

Yes, that would be a good thing. HAP+ has never relied on easylink since it was called Home Access Plus+. Back when it was CHS Extranet, it did have some ties, but that was over a year ago.

Best solution is:

Windows Server 2008 R2 acting as a remote desktop server (you can then use remote apps via remote desktop gateway, but that part is optional)
IIS7.5
Joined as a Member Server
Directory on website called HAP in which HAP is installed
Set up a DNS entry pointing to your server (hap.school.tld -> county issued ip -> reverse proxy or traffic routing -> your server, or hap.school.tld -> your external ip -> traffic route for 443 -> your server)
Acquire a SSL Certificate for hap.school.tld, (StartSSL offers free ssl certs)
Assign certificate to the IIS Website
Install quota service on servers you will be accessing for My Files
OPTIONAL: install SQL server, and create a database for the logon tracker database
Set the security on the HAP folder
Set additional rights on the APP_DATA folder

This is the setup I have for my HAP+. I also then use this server as a reverse proxy to relay traffic to our RM Server so management console can be accessed, as well as a backup for our exchanger server. (www.iis.net/download/ApplicationRequestRouting is the extension for IIS7 I use for that)