I am running a Docker container based on the following Windows Server 2019 core image:
mcr.microsoft.com/dotnet/framework/aspnet:4.8-windowsservercore-ltsc2019
This container is running an ASP.Net 4.8 application and writing to logs folder. Here is full path:
C:\inetpub\wwwroot\logs
My application is present on root of wwwroot folder. I am trying to give Write permission to user IIS_IUSRS on logs but keep getting following error:
Exception calling "SetAccessRule" with "1" argument(s): "This accesscontrol list is not in canonical form and therefore cannot bemodified.
Here is my PowerShell code:
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("IIS_IUSRS", "Write", "ContainerInherit,ObjectInherit", "None", "Allow")$acl = Get-ACL "C:\inetpub\wwwroot\Logs"$acl.AddAccessRule($accessRule)Set-ACL -Path "C:\inetpub\wwwroot\Logs" -ACLObject $aclThe error is coming on line 3 above where it calls AddAccessRule.
How do I fix this issue?