K
Ken Cox [Microsoft MVP]
Just checking that you ran
iisreset ?
iisreset ?
G
Guest
If you suspect that it could be a permission issue then try the FileMon and RegMon utility from http://www.sysinternals.com
Also check if you IWAM_Account is locked out
Regards
Trevor Benedict R
Also check if you IWAM_Account is locked out
Regards
Trevor Benedict R
C
Cowboy \(Gregory A. Beamer\) [MVP]
There are a couple of things you need to look at:
1. When you move up to DC, many directories are locked down tightly. One
that is paramount to ASP.NET is having the ability to write temp files in
the directory "%WINDIR%\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET
Files". If this is not read/write to the ASP.NET worker process, you are
fried.
2. Certain types of updates will unlink ASP.NET from IIS. aspnet_regiis /i
works wonders in these cases.
That is what I remember off hand. I noticed Ken and a few others have joined
the fray, so we have a good knowledge base starting.
NOTE: It is not recommended to install .NET apps on a DC.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
************************************************
Think Outside the Box!
************************************************
1. When you move up to DC, many directories are locked down tightly. One
that is paramount to ASP.NET is having the ability to write temp files in
the directory "%WINDIR%\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET
Files". If this is not read/write to the ASP.NET worker process, you are
fried.
2. Certain types of updates will unlink ASP.NET from IIS. aspnet_regiis /i
works wonders in these cases.
That is what I remember off hand. I noticed Ken and a few others have joined
the fray, so we have a good knowledge base starting.
NOTE: It is not recommended to install .NET apps on a DC.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
************************************************
Think Outside the Box!
************************************************
J
John
C
Carlos Barini
Try to reaply the DC Security template for this Domain Controller.
See the account tha runs the Framework in "machine.config" file, in
ProcessModel !!!
Make ONE correction step and test. Then, when works, you'll know what that
you did.
Carlos Barini
MCP, MCSE, MCDBA
See the account tha runs the Framework in "machine.config" file, in
ProcessModel !!!
Make ONE correction step and test. Then, when works, you'll know what that
you did.
Carlos Barini
MCP, MCSE, MCDBA
C
Carlos Barini
It's always like this Joris.
In 99% of the times the error is very small!
Always try to think in the simple thinks.
Carlos Barini
In 99% of the times the error is very small!
Always try to think in the simple thinks.
Carlos Barini
C
Cowboy \(Gregory A. Beamer\) [MVP]
You now know something you did not know, so don't feel stupid. Remember, you
learn more from mistakes than successes.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
************************************************
Think Outside the Box!
************************************************
learn more from mistakes than successes.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
************************************************
Think Outside the Box!
************************************************
G
Guest
Hi all, I'm having some problems after upgrading a windows 2000 Server to
Domain Controller.
Symptoms: every aspx page returns blank
HTTP Response headers:
HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
Date: Mon, 07 Jun 2004 19:40:50 GMT
X-Powered-By: ASP.NET
Connection: close
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 4490
Confirmed that this is not a problem with browser (IE 6.1) by opening
command-prompt ant typing the following commands:
telnet 127.0.0.1 80<ENTER>
GET / HTTP/1.0 <ENTER>
<ENTER>
Configured <processModel> settings in machine.config as per
http://support.microsoft.com/default.aspx?kbid=317012 and
http://support.microsoft.com/default.aspx?scid=kb;en-us;315158
1- tried machine account (IWAM_COMPUTERNAME) (default)
2- tried SYSTEM account
3- tried creating domain user account "ASPNET" (with logon as batch & logon
as service permissions in DC Policy)
4- tried making ASPNET account Administrator
5- tried Aspnet_regiis -i
6- repeated steps 1 to 3
7- tried reinstall of .NET Framework 1.1
8- repeated steps 1 to 3
however the symptoms persist
Thanks in advance for your assistance
Domain Controller.
Symptoms: every aspx page returns blank
HTTP Response headers:
HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
Date: Mon, 07 Jun 2004 19:40:50 GMT
X-Powered-By: ASP.NET
Connection: close
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 4490
Confirmed that this is not a problem with browser (IE 6.1) by opening
command-prompt ant typing the following commands:
telnet 127.0.0.1 80<ENTER>
GET / HTTP/1.0 <ENTER>
<ENTER>
Configured <processModel> settings in machine.config as per
http://support.microsoft.com/default.aspx?kbid=317012 and
http://support.microsoft.com/default.aspx?scid=kb;en-us;315158
1- tried machine account (IWAM_COMPUTERNAME) (default)
2- tried SYSTEM account
3- tried creating domain user account "ASPNET" (with logon as batch & logon
as service permissions in DC Policy)
4- tried making ASPNET account Administrator
5- tried Aspnet_regiis -i
6- repeated steps 1 to 3
7- tried reinstall of .NET Framework 1.1
8- repeated steps 1 to 3
however the symptoms persist
Thanks in advance for your assistance
J
Joris van Lier
Ken, thanks for your quick reply,
i should have stated i rebooted the server after changing Policies and
processModel settings
FYI: I've confirmed Classic ASP is working
Joris van Lier
i should have stated i rebooted the server after changing Policies and
processModel settings
FYI: I've confirmed Classic ASP is working
Joris van Lier
J
Joris van Lier
After doublechecking permissions for various filesystem locations the
following problem occurs:
i can't access the permissions tab for %windir%/assembly
Should i be able to reset File Access permissions when logged on as Domain
Admin?
Thanks in advance for your assistance.
following problem occurs:
i can't access the permissions tab for %windir%/assembly
Should i be able to reset File Access permissions when logged on as Domain
Admin?
Thanks in advance for your assistance.
J
Joris van Lier
Thank you all very much for your assistance,
this is what what i tried today,
reset the password in AD users and computers
set processModel username to "MyDomain\ASPNET" and entered password
accordingly
i created thre following batch-file to set correct access-permissions
SETLOCAL
SET DOMAIN=MyDomain
SET USER=ASPNET
cacls %SystemDrive%\inetpub\wwwroot /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Microsoft.NET\Framework /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Temp /e /t /p %DOMAIN%\%USER%:F
cacls %windir%\System32 /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\assembly /e /t /p %DOMAIN%\%USER%:R
ENDLOCAL
then did an iisreset and tried to open http://localhost/HelloWorld.aspx
no
luck
Next I set the "Impersonate user After Logon" and "Log on as Batch job"
right for the ASPNET account in Domain Controller security policy AND in
local security policy and ran the following commands
secedit /refreshpolicy machine_policy /enforce
iisreset
tried to open the HelloWorld page but still not working
Next i reapplied the "DC Security" template and refreshed policies.... man
im getting tired, it's still not working
In the mean time i took a test-system formatted it and installed Windows
2000 Server, Applied SP4 and set it to be a domain controller (for a new
domain that didn't exist on the network), installed .NET Framework 1.1 and
followed instructions from Q811320... it won't play along, same behaviour
(blank pages) except for a HTTP 500 Internal Server Error Response instead
of HTTP 200 OK
The System, Security and Application Eventlogs don't show any error or
failure messages related to the ASPNET domain account
I really don't know what to do next, if you're willing to have a try you
could contact me via MSN Messenger and have a go via Netmeeting Remote
Desktop Sharing as i don't have Terminal Services installed (because TS
disables the Offline Folders feature)
Thanks again for your help, i've learnt a lot about the security features in
ASP.NET and Windows
Joris van Lier
this is what what i tried today,
reset the password in AD users and computers
set processModel username to "MyDomain\ASPNET" and entered password
accordingly
i created thre following batch-file to set correct access-permissions
SETLOCAL
SET DOMAIN=MyDomain
SET USER=ASPNET
cacls %SystemDrive%\inetpub\wwwroot /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Microsoft.NET\Framework /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Temp /e /t /p %DOMAIN%\%USER%:F
cacls %windir%\System32 /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\assembly /e /t /p %DOMAIN%\%USER%:R
ENDLOCAL
then did an iisreset and tried to open http://localhost/HelloWorld.aspx
noluck
Next I set the "Impersonate user After Logon" and "Log on as Batch job"
right for the ASPNET account in Domain Controller security policy AND in
local security policy and ran the following commands
secedit /refreshpolicy machine_policy /enforce
iisreset
tried to open the HelloWorld page
but still not workingNext i reapplied the "DC Security" template and refreshed policies.... man
im getting tired, it's still not working
In the mean time i took a test-system formatted it and installed Windows
2000 Server, Applied SP4 and set it to be a domain controller (for a new
domain that didn't exist on the network), installed .NET Framework 1.1 and
followed instructions from Q811320... it won't play along, same behaviour
(blank pages) except for a HTTP 500 Internal Server Error Response instead
of HTTP 200 OK
The System, Security and Application Eventlogs don't show any error or
failure messages related to the ASPNET domain account
I really don't know what to do next, if you're willing to have a try you
could contact me via MSN Messenger and have a go via Netmeeting Remote
Desktop Sharing as i don't have Terminal Services installed (because TS
disables the Offline Folders feature)
Thanks again for your help, i've learnt a lot about the security features in
ASP.NET and Windows
Joris van Lier
J
Joris van Lier
Thank you all very much for your assistance,
this is what what i tried today,
reset the password in AD users and computers
set processModel username to "MyDomain\ASPNET" and entered password
accordingly
i created thre following batch-file to set correct access-permissions
SETLOCAL
SET DOMAIN=MyDomain
SET USER=ASPNET
cacls %SystemDrive%\inetpub\wwwroot /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Microsoft.NET\Framework /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Temp /e /t /p %DOMAIN%\%USER%:F
cacls %windir%\System32 /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\assembly /e /t /p %DOMAIN%\%USER%:R
ENDLOCAL
then did an iisreset and tried to open http://localhost/HelloWorld.aspx no
luck
Next I set the "Impersonate user After Logon" and "Log on as Batch job"
right for the ASPNET account in Domain Controller security policy AND in
local security policy and ran the following commands
secedit /refreshpolicy machine_policy /enforce
iisreset
tried to open the HelloWorld page but still not working
Next i reapplied the "DC Security" template and refreshed policies.... man
im getting tired, it's still not working
In the mean time i took a test-system formatted it and installed Windows
2000 Server, Applied SP4 and set it to be a domain controller (for a new
domain that didn't exist on the network), installed .NET Framework 1.1 and
followed instructions from Q811320... it won't play along, same behaviour
(blank pages) except for a HTTP 500 Internal Server Error Response instead
of HTTP 200 OK
The System, Security and Application Eventlogs don't show any error or
failure messages related to the ASPNET domain account
I really don't know what to do next, if you're willing to have a try you
could contact me via MSN Messenger and have a go via Netmeeting Remote
Desktop Sharing as i don't have Terminal Services installed (because TS
disables the Offline Folders feature)
Thanks again for your help, i've learnt a lot about the security features in
ASP.NET and Windows
Joris van Lier
this is what what i tried today,
reset the password in AD users and computers
set processModel username to "MyDomain\ASPNET" and entered password
accordingly
i created thre following batch-file to set correct access-permissions
SETLOCAL
SET DOMAIN=MyDomain
SET USER=ASPNET
cacls %SystemDrive%\inetpub\wwwroot /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Microsoft.NET\Framework /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\Temp /e /t /p %DOMAIN%\%USER%:F
cacls %windir%\System32 /e /t /p %DOMAIN%\%USER%:R
cacls %windir%\assembly /e /t /p %DOMAIN%\%USER%:R
ENDLOCAL
then did an iisreset and tried to open http://localhost/HelloWorld.aspx
noluck
Next I set the "Impersonate user After Logon" and "Log on as Batch job"
right for the ASPNET account in Domain Controller security policy AND in
local security policy and ran the following commands
secedit /refreshpolicy machine_policy /enforce
iisreset
tried to open the HelloWorld page
but still not workingNext i reapplied the "DC Security" template and refreshed policies.... man
im getting tired, it's still not working
In the mean time i took a test-system formatted it and installed Windows
2000 Server, Applied SP4 and set it to be a domain controller (for a new
domain that didn't exist on the network), installed .NET Framework 1.1 and
followed instructions from Q811320... it won't play along, same behaviour
(blank pages) except for a HTTP 500 Internal Server Error Response instead
of HTTP 200 OK
The System, Security and Application Eventlogs don't show any error or
failure messages related to the ASPNET domain account
I really don't know what to do next, if you're willing to have a try you
could contact me via MSN Messenger and have a go via Netmeeting Remote
Desktop Sharing as i don't have Terminal Services installed (because TS
disables the Offline Folders feature)
Thanks again for your help, i've learnt a lot about the security features in
ASP.NET and Windows
Joris van Lier
J
Joris van Lier
It turned out to be Zone-Alarm, man i feel so stupid, immediately after
disabling ZoneAlarm everything started working again
disabling ZoneAlarm everything started working again
J
Joris van Lier
Thanks Carlos,
the problem only occurrs with the lates version of ZoneAlarm (5.0.590.015)
installing a previous version (4.5.594.000) makes ASP.NEt work again.
i'll forward my findings to ZoneLabs support.
Thanks everyone for your excellent support!!
Joris van Lier
the problem only occurrs with the lates version of ZoneAlarm (5.0.590.015)
installing a previous version (4.5.594.000) makes ASP.NEt work again.
i'll forward my findings to ZoneLabs support.
Thanks everyone for your excellent support!!
Joris van Lier