000019286 - RSA SecurID WebExpress and ACE/Server QuickAdmin: Protecting JRun functionality from IIS Lockdown Tool

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019286
Applies ToRSA SecurID Web Express 1.0
RSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
RSA ACE/Server Quick Admin
Microsoft Internet Information Server (IIS) 4.0 and 5.0
For more information on the IIS Lockdown Tool, visit: http://www.microsoft.com/technet/security/tools/locktool.asp
IssueRSA SecurID WebExpress and ACE/Server QuickAdmin: Protecting JRun functionality from IIS Lockdown Tool
JRun Connector no longer functions once IIS Lockdown Tool is run. Unable to get demo servlets to run.
CauseThe IIS Lockdown Tool removes the scripts directory from the Default IIS server. This is where the JRun connector places the jrun.dll and the jrun.ini files. These files are placed there during the creation of the JRun connector and are crucial for functionality.
ResolutionTo avoid the failure resulting from applying the IIS Lockdown tool, follow the below procedure:

1. Open the IIS Management Console
2. Create a virtual Web site running on a unique port (e.g. something other than port 80) [Skip this if you are using a Web site that has already been created]
3. Create a "Scripts" virtual directory. Assign it to a unique physical folder (such as from inetpub\scripts\).
4. Right click on this folder and select Properties
5. On the Virtual Directory tab, uncheck Read and Write permissions within the "Access Permissions" area
6. Click REMOVE in the section "Application Settings"
7. Within the "Permissions" section, make sure Execute (including scripts) is selected
Legacy Article IDa7704

Attachments

    Outcomes