Permission denied: 'CreateObject' 2

[kev05]

hi all,

i'm getting the below error message:

Error Type:
Microsoft VBScript runtime (0x800A0046)
Permission denied: 'CreateObject'
/dump2.asp, line 22


my code is:

<html>
<head>
<title>test</title>
<%
Sub LaunchApp

Dim qtApp
Dim qtTest
Dim qtResultsOpt

Set qtApp = CreateObject("QuickTest.Application")
qtApp.Launch
qtApp.Visible = True

End Sub
%>

</head>
<body>
<%Call LaunchApp%>
</body>
</html>


Any ideas why I'm getting the permission issue?

I tried the below in a vbs file and it manages to open the wanted application:

Dim qtApp
Dim qtTest
Dim qtResultsOpt
Set qtApp = CreateObject("QuickTest.Application")
qtApp.Launch
qtApp.Visible = True


So why doesn't it work when I put the vbs code into asp?
Which permission do i need to check?

looking forward to hearing from someone,
thanks in advance,
kev

 

[kev05]

By the way. I forgot to mention that I have checked the IIUSR_<machine> account and i have given it admin rights..

What else shall I look at?

thanks,
Kev

 

[theniteowl]

Where does the application reside that you are trying to launch?
Your code is running server side so if the app is on the server you may need to use Server.CreateObject.
But this would not make the app visible to you it would open the app on the server as a process.

If the app resides on your machine then you may have more luck adding in vbscript script tags for your code so it runs client side.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

Bascically, I want to create an web front-end using asp to enable users in my office to launch QuickTest automated test script remotely. (QuickTest is the name of the test automation tool)

- QuickTest application resides on the server.

- Users will then be able to launch QuickTest from the asp page (not only as a process - but actually opening the application)

- The Web server resides on the same machine as QuickTest.


Looking forward to hear from anyone,
thanks,
Kev

 

[theniteowl]

I do not think this can be done.
When you launch an application on the server it runs as a process on the server but even at the console you would not see the application window.
There is no way the application window can appear on the clients desktop or even within the browser.

At best you may be able to read results back from the application to display in the browser but you would have to build your entire application on the web to just pass info to and from the server side application and you will of course be limited by what ability that application has for automation.

If you find a way to do it I would be very interested in seeing it but I do not think it is possible without the applicaiton or a custom interface being installed client side.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

Thanks for your quick response,

Using the QuickTest Object model, I can actually launch the application remotely. I have succesfully done it using a vbs file. Now, I just need to do the same using asp. I'm using asp as I want to give users an interface to parametize the test remotely. I can easily parametize the test using QuickTest object model. (which i have done in the past using a vbs script)


the below code, which does work using vbscript should also make the application visible on server I believe:

qtApp.Visible = True ' Make the QuickTest application visible


- Yes, I don't want the application to be visible to the client. All I want to do is for the user to launch the application remotely. The application will then open up on the server and kick the test off and then email the results once completed.

So, all I need is asp to launch my application.


I have just modified my code to:

Set qtApp = Server.CreateObject("QuickTest.Application")


And I'm now getting the following error message:


Server object, ASP 0178 (0x80070005)
The call to Server.CreateObject failed while checking permissions. Access is denied to this object.


Any ideas why I'm getting the above error messages? It sounds to be caused by not having the correct NTFS permissions. Anyone has any ideas which specific permissions do i need to alter? or any other solution to this error message.

thanks in advance,
Kev

 

[theniteowl]

It sounds as if the IUSR account is not allowed to execute the exe file associated with the application object.

You might have to set permissions on the EXE file or mabye on the folder the application resides in.

The server looks at the ("QuickTest.Application") and looks in the registry to see what application it is associated with then tries to execute it so it seems to me that it would be permissions related to the application.
You may need to modify the Everyone permissions on that file/folder.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

I have given all the permissions access but still getting the same problems.

I have:
- set the permission on my application .exe (everyone full rights)

- set the permission on the folder where the application resides (everyone full access)

As i said earlier, i can open qtp using vbscript. I have opened task manager to see the processes that opening up. I have a first process which is related to the application that is opening up (qtauto~1.exe). Another process then comes up (qtp.exe). And after approximately 10seconds, qtauto~1.exe automatically closes down.

However, when I try to open the application through asp, I 'm getting the error which I have explained earlier. But I have noticed in tast manager that it opens up the qpauto~1.exe process but not qtp.exe.

I have checked the permission on qtp.exe and the application folder and i have given everyone group full control.

Any ideas why I'm not able to open the application in asp when it actually works using only vbs.

thanks in advance,
kev


anymore ideas?
thanks

 

[theniteowl]

Set the IUSR account to the same permissions as well.

When you run code from a VBS file it is executing under the permissions of your current logon ID but when you do it from the web server it executes under permission of the IUSR_machinename account.
I suggested the Everyone account because I found references to that error on a server.createobject for a different type of app and the fix was said to be setting Everyone to full rights.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[theniteowl]

One other possibility.
The installation of the application may include DLL files in other folders and access to those files is being prevented causing the error. Not an easy thing to track down most times though.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

I have checked the permissions and I'm running out of ideas of which file/folder i need to grant permission..I have google the error message and I tried all the proposed solution but in vain. I changed most folder/file permissions to allow everyone full control. However, it may be possible that there are some dlls files in other folders that need full control permissions, which i have omitted. Do you know a tool in which i can give full access to my c: drive so that it propagates to all directories and files?

Otherwise, I'm thinking of a workaround..How about having a html file calling a vbs file as I know that from a vbs file I can successfully launch my application? So, The html file would be located on a webserver and I would then place the vbs file outside the webserver so that it doesn't use the 'IUSR_machinename account'. What do you think of this workaround? Is it feasible?

When I think about it, I maybe don't need server side scripting as all i want to do is to launch an application on the server and this can be achieved using the location property in the createobject function.

example:
Set qtApp = CreateObject("QuickTest.Application","hostname")


If anyone has any other ideas in how I can implement this or solve the permission issue, please let me know,

thanks,
Kev

 

[theniteowl]

Launching the VBS file from your web app will not work as it will launch under the permissions of the IUSR account. The only way for it to work with client side permissions is executing the VB code from client side.

However, you could use a .HTA file in order to launch the connection. HTA (HTML Applications) which has the ability to run client side just like the VBS file but you can use HTML for all your formatting. The code is almost identical to your VBS.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[theniteowl]

kev05,
Try this.
Save this code into a file with the extension .HTA

<html>
<head>
   <HTA:APPLICATION
   ID = "oApp"
   APPLICATIONNAME = "QuikTest Remote"
   BORDER = "thick"
   CAPTION = "yes"
   ICON = ""
   SHOWINTASKBAR = "yes"
   SINGLEINSTANCE = "yes"
   SYSMENU = "yes"
   WINDOWSTATE = "normal"
   SCROLL = "yes"
   SCROLLFLAT = "yes"
   VERSION = "1.0"
   INNERBORDER = "yes"
   SELECTION = "no"
   MAXIMIZEBUTTON = "yes"
   MINIMIZEBUTTON = "yes"
   NAVIGABLE = "yes"
   CONTEXTMENU = "yes"
   BORDERSTYLE = "normal"
   >
<title></title>
<script language="vbscript">

Sub LaunchApp

  Dim qtApp 
  Dim qtTest 
  Dim qtResultsOpt 
  Set qtApp = CreateObject("QuickTest.Application") 
    qtApp.Launch 
    qtApp.Visible = True 

End Sub 

</script>
</head>
<body>
</body>
</html>

The file can be launched from the local desktop and it executes with local permissions.
Your VBS code should work inside this file but you have all the capabilities of an HTML page with VBScript and Javascript code as well.

From your web page you can put a link to the file or you can place it directly on their desktops. If you have a link to it, clicking on it will try to download the file which will generally result in an ActiveX warning message unless the security level is set lower but it will give them the opportunity to Open or Save the file.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[Sheco]

As a test, try using the IIS Admin tool to disable Anonymous Access to your .ASP page. That should force your script to execute under the security profile of your account instead of as IUSR_XXX. You can debug it under this test mode to make sure you get everything else besides the permissions fixed.... once it works in this mode go back to Anonymous and you can be relativly sure any remaining problems are related to permissions.

 

[kev05]

Hi theniteowl / Sheco,

I'm currently back home, so i will try this first thing on monday morning.

I am now using the hta file and with it I can successfully open the 'quicktest' application remotely. I have basically put the hta file in the web server in which qtp is also installed.

I'm accessing the hta file through an IE browser. As you said, when I open up the hta file, i get the .ActiveX warning message' which is all fine - I accept it and then the application actually open on the quicktest machine, which is all great.

The application then opens up the test but when it tries to run the test, I'm getting a PERMISSION ERROR! arghhh.


The line in which i get the error is:

qtTest.Run qtResultsOpt ' Run the test



By the way, in order to run the application remotely, I have included the location in the argument of CreateObject function:

Set qtApp = CreateObject("QuickTest.Application","Server")


My observations and the test I have carried out are:

- when i run the hta file from the webserver itself without using the location argument - it does work (the script can be run)

- so, the issue i believe is a permission issue..it seems that I can create object, open the application, open the test but not able to run it. What permission do you believe I need to look into? When I access my Websever through an hta file, which account does it actually use? It's strange that I can open the application, open up the test but only can't run it...

- I have tried using .asp file but I'm still getting the error not able to create the object..though, i have looked into the task manager for the open processes and it seems that a quicktest process is actually opening but the application is not visible. Is there no way to open the application and make it visible by creating an application object??

- I have also tried the following: I have create a shared drive on my server and put the hta file in there. I then opened that file on the client and I'm also getting the above issue..permission issue when trying to run the application. The solution would be i guess to try the hta as if I was actually sitting on the server..it would then work fine. Any ideas on how do that or if it is actually possible to achieve?

- apart of that, if you have any more suggestions.please let me know..thanks so much again.


theniteowl - thanks again..especially for the hta suggestion
Sheco - thanks..i will need to try that on monday morning.


Looking forward for any suggestions / solutions,
thanks,
Kev

 

[damber]

- Try looking at the IWAM_xxxxx account
- Ensure that you have enabled "Scripts and Executables" in the Execute Permissions / App settings of the website.
- Also check the Application Pool identity user (for IIS6.0)

You may want to try an alternative execution method - through Windows Script Host in the ASP page and executing the exe file directly - it's unlikely to make any difference, but worth testing just in case. e.g.

Dim WShell, iRetCode
set wshell = server.createobject("wscript.shell")
iRetCode = wshell.run("C:\YourExe.exe", 0, True)
set wshell = nothing

You probably won't want to stay with this method (as it is limited and can be leaky), but it may help indicate where the problem is.

Hope that helps


A smile is worth a thousand kind words. So smile, it's easy!

 

[theniteowl]

If the HTA file is on the server and you try to execute it your option is only to save or execute the file. The file is downloaded to your PC either to the location you selected to save it or wherever your browser downloads temporary files so either way the file is downloaded and executed from your PC, not from the server.
So the permissions required are those of your logon ID and has nothing to do with the web servers access or even the folder that the HTA file sits in at the server.
So it is the permissions your ID has for whatever files/folders you need to access.

I am not at all familiar with QuickTest so when you say you get QuickTest to launch but when you talk about opening the test I do not know what you are refering to. Is this just code you use to pass information to/from QuickTest?
It might be that you can launch the application but as soon as the app tries to write anything it fails because your ID does not have write or create access but does give you read and/or execute.

If I had a better idea of what the application is and what you have to do I might have a better idea of how to solve the problem.

Also, do you have this QuickTest application installed on the PC you are working from? Because if you are not specifying the machine for it to launch from it will default to the machine you are logged into where you will not have permission issues to launch the app but it will fail when someone else tries to execute it.

I do not think you will be able to see the application even if you go to the server console as it would be running as a process under your logon ID as a remote connection not the same as if you were logged directly onto the server and running it there.
If on the server you hit Ctrl-Alt-Del you can see the application showing under the Task Manager but no visual evidence of the application.

If you were using this type of approach to launch a program on your own computer you could set the visible property so that you can see it or not as you please but when it is executing on a different machine it only runs as a process.

Another thing to watch out for. If you open the app on the server make sure you close it again when you are done.
I have had apps open a process and not close then when you run it again it opens another one and then another, etc.
Eventually my web server refused to allow any more pages to load. Closing the processes from the Task Manager did not fix it, neither did stopping and restarting the web services. I had to re-boot the machine to get it working again.


Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

Hi,

- I don't believe it is a IIS permission issue as I did put the script in a share drive and I also got the permission denied issue

- I have used Filemon to debug any permissions with one of our developer but he said that the permission issue is not the server. We didn't get any permissions errors in our logs. So the permission issue must be on the machine which is accessing the script and trying to run it. So, which folder and file shall I look into?

- Also, could it be a DCOM configuration settings on the server? I have checked the DCOM settings of 'QuickTest' and I have given 'everyone' and 'all domain users' full rights.

- I have also checked the folder in which the .exe is located on the server and I have again given 'everyone' and 'all domain users' full rights.

- theniteowl: to answer your questions, when I refer to opening the test is similar to loading the test. First of all, the application QuickTest opens, it then loads the script up and finally run the script. Yes, I have also QuickTest on the client machine in which I'm running the script. But other users wont' obviously have QuickTest on their machine.

- theniteowl: You said that my ID does not have write or create access but does give you read and/or execute. I have checked in which group my ID is in..and its in the administrator group. Shall i add any other groups?


- theniteowl: I'm using the location argument in the CreateObject function so that I can launch the script remotely. I can actually see the application on the server. So not only as a process, the application opens up and the test script loads up to but I only get the permission error once I try to run the test remotely.

- Finally, do you guys believe it could be QuickTest software is not allowing us to remotely run a test. They might have put some security in the software so that we can't kick a script off remotely.

I'm completely running out of ideas. I have checked nearly all permissions issues. So if you guys have any more ideas, please let me know,

thanks so much again,
looking forward to hearin from you,
cheers,
Kev

 

[theniteowl]

Everything varies depending on how you are launching and in what security context.

If you use server side code and server.createobject then it is launching on the server side in the context of the IUSR account. If you launch it client side then you launch under the context of the clients logon ID security and access to everything is altered.

I think your best test is to log onto a PC that does not have that software installed but with an ID that has admin rights on the server so you know where the app is launching from and under what permissions.

If the method you use to launch the app is run client side but specifying the server location to execute it, then I would think it is using LOGON ID permissions to instantiate the application. How then does the test script get called?
Is it possible to launch the test script via the command line calling the application?

What/where is the output of the script? Is it on the web server or in another location? It could be that the application is trying to create a file for the output and the application does not have permissions to the folder it is writing to under the current security context.



Paranoid? ME?? WHO WANTS TO KNOW????

 

[kev05]

theniteowl,

I have tried what you suggested me and this is what I get:

I have asked one of my collegue who doesn't have quick test installed on his machine and he got the below error message:

ActiveX component can't create object: 'QuickTest.Application'

I have added my collegue in the administrator on the server (where quick test is installed) and also in the quicktest DCOM settings.


here is how i'm opening the test:
--------------------------------
qtApp.Open "T:\dummy", True ' Open the test in read-only

here is how i set the results location:
-----------------------------------------
Set qtResultsOpt = CreateObject("QuickTest.RunResultsOptions") ' Create the Run Results Options object
qtResultsOpt.ResultsLocation = "C:\Res1" ' Set the results location

here is how i run the test:
----------------------------
qtTest.Run qtResultsOpt ' Run the test


the T drive is a shared folder which everyone has access. The test script is stored there. In both client and server, i have mapped the T drive to the shared folder. By the way, I have tried to access the script from the server C drive which is shared. I have checked the sharing permission and security permission...but didn't seem to help.

As far as the results are concerned, they are stored locally on the client. in the above example, the results of the run is stored in C:\Res1.

I have also tried saving the results on the server and a shared folder and checked permission access but it didn't work either.

I believe what is interesting is that a user who doens't have quicktest installed on his machine is getting a different error message.

Looking forward to hear from any one,
and a special thanks to theniteowl!

cheers,
kev