Tag Archives: windows server 2008 r2

Windows Server 2008 R2 domain controller: Fixing SceCli Event 1202

When running IIS, SQL Server, or SharePoint on a Windows Server 2008 R2 domain controller, you may encounter this error:

Application Event
Event ID: 1202
Source: SceCli
Security Policies were propagated with warning. 0×534 : No mapping between account names and security IDs was done.

I ran into this error when building a virtual machine to run a self contained SharePoint environment, which required that the VM also be a domain controller. This event will show up repeatedly every few minutes in the application event log. The error occurs because the domain controller doesn’t have a concept of “local” accounts and doesn’t know how to resolve some account names that are added by IIS and SQL Server to the domain controller security policy. Microsoft has released a hotfix 977695 to resolve the issue. Continue reading

Configuring SSL Bindings Directly for Http.sys

I ran into an issue today with how the IIS 7.0 admin GUI deals with SSL certificates when assigning bindings to web sites. I had two websites that I was binding to the same IP address, but I was using different ports for each (including different ports for SSL). Even though I was using a different SSL port for the second website, it was telling me that my certificate was already in use by another website and that changing the setting would affect the other site. The strange thing was, I was using two completely different certificates. Why in the world would it tell me my certificate was in use on the other website, when it clearly was not? Changing the SSL settings on one site would end up deleting the settings on the other site. After searching online, I found out that there are some known bugs with how the admin GUI deals with bindings and SSL in general. By settings the bindings on the command line, I was able to work around the issue.

Below are some useful command line commands that can assist in creating SSL bindings manually.

To list SSL certificates in use, with their bindings: Continue reading

Running ASP.NET 1.1 on Windows Server 2008 R2

Although this configuration works on Windows Server 2008 R2, it is unsupported by Microsoft. Use at your own risk.

Use these steps to install ASP.NET 1.1 on either Windows Server 2008 x64 SP2, or Windows Server 2008 R2.

Short version:

  1. Follow all of the steps in How to install ASP.NET 1.1 with IIS7 on Vista and Windows 2008
  2. Then implement this workaround for an acknowledged bug: Workaround: Running ASP.NET 1.1 on Vista SP2/WS08 SP2

My summary:

  1. Ensure that the “IIS Metabase Compatibility” Role Feature is installed in IIS
  2. Download and install:
  3. Make sure ASP.NET 1.1 is enabled under ISAPI and CGI Restrictions
    • In my experience, this has already been enabled after installation
  4. Add this IgnoreSection handler to the <configSections> element on the .NET 1.1 machine.config, located in %windir%\Microsoft.NET\Framework\v1.1.4322\CONFIG
    • <section name="system.webServer" type="System.Configuration.IgnoreSectionHandler,
          System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </configSections>

      Continue reading