|Applies To||RSA SecurID Web Express 1.0|
RSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
RSA ACE/Server Quick Admin
Microsoft Internet Information Server (IIS) 4.0 and 5.0
For more information on the IIS Lockdown Tool, visit: http://www.microsoft.com/technet/security/tools/locktool.asp
|Issue||RSA SecurID WebExpress and ACE/Server QuickAdmin: Protecting JRun functionality from IIS Lockdown Tool|
JRun Connector no longer functions once IIS Lockdown Tool is run. Unable to get demo servlets to run.
|Cause||The IIS Lockdown Tool removes the scripts directory from the Default IIS server. This is where the JRun connector places the jrun.dll and the jrun.ini files. These files are placed there during the creation of the JRun connector and are crucial for functionality.|
|Resolution||To avoid the failure resulting from applying the IIS Lockdown tool, follow the below procedure:|
1. Open the IIS Management Console
2. Create a virtual Web site running on a unique port (e.g. something other than port 80) [Skip this if you are using a Web site that has already been created]
3. Create a "Scripts" virtual directory. Assign it to a unique physical folder (such as from inetpub\scripts\).
4. Right click on this folder and select Properties
5. On the Virtual Directory tab, uncheck Read and Write permissions within the "Access Permissions" area
6. Click REMOVE in the section "Application Settings"
7. Within the "Permissions" section, make sure Execute (including scripts) is selected
|Legacy Article ID||a7704|