There doesn't seem to be an obvious place or any documentation from Microsoft that explains where to install complex applications which write files into the app folder and are shared by different users.
We have a complex .NET web application that contains 21 individual projects and includes the following components:
- A main web site which runs a SAAS system and can be locally installed at customer sites
- Applications to install, configure and diagnose
- Applications which are installed as windows services
- Utility applications which are installed on the server and can also be installed on clients and talk to the web app through web services
On Windows 2012 and earlier, you could quite happily deploy this application into program files, and the entire app would sit in one folder. All fine.
However from Windows 2012 R2 and later, normal user accounts cannot write to program files. Our web app contains significant uploading ability, not only of occasional use files, but also a high volume of data files which are fed from customer LANs to our SAAS system. In addition there is log file writing, and session files etc are written inside the folder that hosts the IIS web itself (edit: and the webfolder itself also exists inside our program files app folder)
From what I can gather, apps now reside in program files, and common data exists somewhere inside c:\users\public, and user specific data exists inside c:\users\username. That means the app is spread around on the hard disk and not easy to backup or administer. To follow those conventions we'd need significant rewriting as a lot of the EXE's write relative to the exe path and the web backend also relies on being able to write files inside the webfolder itself.
So is there a proper place in Windows where a complex app like this can be installed that writes to its own folder structures ?
I've noticed on Windows 2012 R2 and Windows 2016, that I CAN create a folder in the root of C: drive, whereas on Windows 10 I cannot. Would a standalone folder be the right solution to this ? It would certainly be the easiest solution for us.
The windows services and IIS app pool would always run under different credentials, so they could no longer share settings if we have a per-user model for writing files.
The app will have to conform to DoD STIG standards for web and .net applications.
thanks