SBS 2000 + ASP.NET 1.1 + IIS Lockdown not working.

Douglas J. Badin · Nov 13, 2003

When I apply IIS Lockdown to SBS 2000 + ASP.NET 1.1 I run into NTFS
persmission issues with the IWAM_computername user account, i.e. csc.exe.

I tried using the Dynamic Web template and the SBS template with IIS
lockdown but both had the same issues. I

Is there an existing template to make this work?

I understand from Q315158 that since SBS 2000 is a domain controller, .NET
can not create the local ASPNET account since local accounts do not exist on
a domain controller, so it uses the IWAM_computername.

The IIS Lockdown adds IWAM to the "_Web Applications" Group and denys access
to many files and directories for that Group. Even if I use impersonation,
IWAM still tries to do the compiling amongst other things.

I have tried setting up a Custom Account for the ASP.NET worker process per
"Improving Web Application Security: Treats and Countermeasures", Chapter
19 - "Securing Your ASP.NET Application and Web Services",
http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh19.asp. But it
is having problems when accessing SQL Server as if impersonation is not
working even after giving it "impersonate a client after authentication" per
Q324308.

Any ideas?

Thanks,
Doug

Web Services on a Windows 2000 IIS 5.x ASP.Net 1.1 works fine but not on 2003	2	Apr 19, 2007
ASP.NET 1.1 / IIS 6.0 Service account	1	May 17, 2007
Problem with IIS 6.0 and ASP.Net 1.1	0	Feb 7, 2006
Running ASP.NET with IIS on Windows 2000	2	Apr 26, 2006
Windows 2000 Server SP4 ASP.NET 1.1/2.0	3	Aug 8, 2005
ASP.NET 1.1 & 2.0 On IIS	6	May 18, 2006
asp.net 1.1 IIS upgrade to 2.0 with file system	1	Apr 3, 2007
SQL Server 2000/ASP.NET 2.0 Connection String: Works with Cassini, not with IIS 5.1	5	May 14, 2007

SBS 2000 + ASP.NET 1.1 + IIS Lockdown not working.

Douglas J. Badin

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads