Tag Archives: iis

Windows Server 2008 R2 domain controller: Fixing SceCli Event 1202

When running IIS, SQL Server, or SharePoint on a Windows Server 2008 R2 domain controller, you may encounter this error:

Application Event
Event ID: 1202
Source: SceCli
Security Policies were propagated with warning. 0×534 : No mapping between account names and security IDs was done.

I ran into this error when building a virtual machine to run a self contained SharePoint environment, which required that the VM also be a domain controller. This event will show up repeatedly every few minutes in the application event log. The error occurs because the domain controller doesn’t have a concept of “local” accounts and doesn’t know how to resolve some account names that are added by IIS and SQL Server to the domain controller security policy. Microsoft has released a hotfix 977695 to resolve the issue. Continue reading

Upgrading IIS Web site or application to ASP.NET 4.0

I want to upgrade a Web site from ASP.NET 2.0 to 4.0 without resetting IIS because it is running on a production server. The tool to do this is the ASP.NET IIS registration tool, aspnet_regiis.exe, which comes with ASP.NET 2.0 and 4.0. This tool doesn’t come with ASP.NET 3.0 and 3.5 because they’re both based on CLR 2.0. In fact, you don’t set a Web site or application to use ASP.NET 3.0 or 3.5, as IIS only knows about CLR version. See Scott’s Hanselman’s article for an excellent explanation. The .NET Framework version 4.0 comes with the new CLR 4.0 and so a new version of the tool is available.

Since I want to upgrade the Web site to ASP.NET 4.0, I’d run the 4.0 version of aspnet_regiis.exe, which is found under %systemroot%\Microsoft.NET\Framework\v4.0.303319. According to MSDN, to avoid interrupting IIS, I should use the -s switch to specify only the desired site or application as well as the -norestart switch to inhibit a restart. The value for the -s switch should be the path to the site; however, it may not be clear what this value should be.

To get a list of the paths and their registered ASP.NET version, I executed aspnet_regiis -lk and got the the following: Continue reading

Configuring SSL Bindings Directly for Http.sys

I ran into an issue today with how the IIS 7.0 admin GUI deals with SSL certificates when assigning bindings to web sites. I had two websites that I was binding to the same IP address, but I was using different ports for each (including different ports for SSL). Even though I was using a different SSL port for the second website, it was telling me that my certificate was already in use by another website and that changing the setting would affect the other site. The strange thing was, I was using two completely different certificates. Why in the world would it tell me my certificate was in use on the other website, when it clearly was not? Changing the SSL settings on one site would end up deleting the settings on the other site. After searching online, I found out that there are some known bugs with how the admin GUI deals with bindings and SSL in general. By settings the bindings on the command line, I was able to work around the issue.

Below are some useful command line commands that can assist in creating SSL bindings manually.

To list SSL certificates in use, with their bindings: Continue reading

Running ASP.NET 1.1 on Windows Server 2008 R2

Although this configuration works on Windows Server 2008 R2, it is unsupported by Microsoft. Use at your own risk.

Use these steps to install ASP.NET 1.1 on either Windows Server 2008 x64 SP2, or Windows Server 2008 R2.

Short version:

  1. Follow all of the steps in How to install ASP.NET 1.1 with IIS7 on Vista and Windows 2008
  2. Then implement this workaround for an acknowledged bug: Workaround: Running ASP.NET 1.1 on Vista SP2/WS08 SP2

My summary:

  1. Ensure that the “IIS Metabase Compatibility” Role Feature is installed in IIS
  2. Download and install:
  3. Make sure ASP.NET 1.1 is enabled under ISAPI and CGI Restrictions
    • In my experience, this has already been enabled after installation
  4. Add this IgnoreSection handler to the <configSections> element on the .NET 1.1 machine.config, located in %windir%\Microsoft.NET\Framework\v1.1.4322\CONFIG
    • <section name="system.webServer" type="System.Configuration.IgnoreSectionHandler,
          System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </configSections>

      Continue reading

Deploying a BlackBerry Application OTA in IIS

You can get an application to your BlackBerry in four different ways.

  1. (OTA -Over The Air) Host the application files on a web server and browse to them from the phone
  2. put the application files onto a SD card and load it on the device
  3. load the application onto the phone using the BlackBerry Desktop Manager
  4. push the application to the phone using the BES

There are three different types of files that you will use to install the application on your phone.

Manifest files.

You will need one or the other depending on the deployment metheod you are going with. These files hold the information on how to install the application on your phone what files are going to be needed to do that. Continue reading