Solved

EXCHANGE 2000 WITHOUT IIS

Posted on 2002-03-15
5
378 Views
Last Modified: 2012-06-21
HI,
IS THERE ANYWAY TO INSTALL EXCH 2000 WITHOUT INSTALLING IIS. I DON'T WANT TO USE IIS IN THE SYSTEM.

THANKS
0
Comment
Question by:csumer
  • 2
  • 2
5 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 6868422
No.  IIS is a dependency of Exchange 2000.
0
 

Author Comment

by:csumer
ID: 6868640
Are you saying this is a must? Is there any way to get rid of it even after the installation. Like disabling. Or uninstalling IIS after.
The thing is I don't want to live to many open doors for heackers..
thanks...
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 6868656
No, you can't get rid of it.  The two are heavily intertwined.  You can disable some services from IIS, ie ftp and you can also use IISLOCKD to secure the server, but you cannot uninstall IIS.
0
 

Author Comment

by:csumer
ID: 6869126
thanks,
accepted...
0
 

Accepted Solution

by:
jml6278 earned 20 total points
ID: 6894150
You can't remove or disable IIS, but you can lock it down to prevent hackers from gaining easy access by downloading and using the IIS Lockdown tool from MS.

IIS Lockdown on Exchange 2000 Servers
In Exchange 2000 environments, the lockdown tool does not accommodate Exchange installable file system (IFS) mounted drives (typically drive M). To use the lockdown tool on Exchange 2000 servers:

Run IISlockD.exe.


Click Advanced Lockdown , and then click Next .


The Remove Script Mappings dialog box is displayed:


If the Disable support for Active Server Pages (.asp) check box is selected, the OWA multimedia button does not function. The following Microsoft Knowledge Base article describes the process to disable the multimedia button for customers who do not have a unified messaging solution:
Q288119 XWEB: How to Disable the Multimedia Button in OWA
When Active Server Pages (ASP) pages are disabled, unified messaging still functions with the WAV file attachment.


If the Disable support for the .HTR scripting (.htr) check box is selected, the OWA Change Password feature does not function. This OWA feature is disabled by default. The following Knowledge Base article describes the process to hide the Change Password button in OWA:


Q297121 XWEB: How to Hide the Change Password Button on the Outlook Web Access Options Page
Click Next .


The Additional Lockdown Actions dialog box is displayed:


Click to clear the Disable Distributed Authoring and Versioning (WebDAV) check box.


Click to clear the Set file permissions to prevent the IIS anonymous users from writing to content directories check box. This excludes the IIS virtual directories that are mapped to Exchange IFS.


Click Next , and then click Yes to complete the lockdown process.


To manually set the file permissions for the IIS anonymous user, set an explicit Deny All Access Control Entry (ACE) for anonymous Web users for each IIS virtual directory:
Start the Internet Services Manager Microsoft Management Console (MMC).


Click to expand the Default Web Site .


For each virtual directory:


Click to select a virtual directory, right-click the virtual directory, and then click Properties .


On the Virtual Directory tab, note the local path.


Start Microsoft Windows Explorer, and then locate the local path folder.


Right-click the folder, and then click Properties .


Click the Security tab.


Click Add .


Click to select the _Web Anonymous Users and _Web Applications accounts, and then click OK .


Click to select the _Web Anonymous Users account, and then deny Full Control ACE.


Click to select the _Web Anonymous Users account, and then deny Full Control ACE.


Click to select the _Web Applications account, and then deny Full Control ACE.


Repeat step 3 for each virtual directory, excluding the Exchange and Exadmin virtual roots.

hope this helps.... also you have to stay current with your security patches....

Jeff-
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question