IIS/ASP Questions...

Posted on 2005-04-11
Last Modified: 2010-05-19

Hello all -

I have this: Windows 2000 Server, running 5 seperate IIS based websites. NO FTP/SMTP.

I need to setup and install ASP on this server. I knwo that IIS comes out of the box with ASP installed and running. But in an attempt to furthut secure this server I removed the necessary ASP (filters,Drviers) or whatever there called from the "ISAPI filters section" of the WWW service master properties section in IIS Admin.

How can i fix that now? I need to run several ASP based scripts. using cdonts or cdosys.

Question by:rbollinger1212
    LVL 70

    Expert Comment

    by:Chris Dent

    Hi Robert,

    The default location for the ASP.NET ISAPI Filter (ASP.NET_1.1.4322.2032 - .NET Framework) is:


    By default this is set as Low Priority. You should be able to add a new filter based on that.

    Standard ASP does not install as an ISAPI Filter, but as a Application Mapping. So if you need those too...

    Application Mapping for .aspx is:

    Limited to: GET,HEAD,POST,DEBUG

    Application Mapping for .asp is:

    Limited to: GET,HEAD,POST,TRACE



    Author Comment

    SO how do i readd that/those filters? just through the ISAPI window? How do i add a application mapping?
    LVL 70

    Expert Comment

    by:Chris Dent

    Assuming your versions are the same as mine...

    For the .NET Filter it's:

    Master WWW Properties
    ISAPI Filters

    Filter Name: ASP.NET_1.1.4322.2032
    Executable: C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

    For the Application Mappings (if they're not there) it's:

    Master WWW Properties
    Home Directory
    Configuration (under Application Settings)

    Executable: C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
    Extension: .aspx
    Limited to: GET,HEAD,POST,DEBUG
    Script Engine - Ticked
    Check File Exists - Not Ticked

    Executable: C:\WINNT\System32\inetsrv\asp.dll
    Extension: .asp
    Limited to: GET,HEAD,POST,TRACE
    Script Engine - Ticked
    Check File Exists - Not Ticked


    Author Comment

    Ok SO i did that... and i am still getting the following error:

    Microsoft VBScript runtime error '800a0030'

    Error in loading DLL: 'GetObject'

    /localstart.asp, line 18

    THis is coming from IE.

    If you have "show friendly http error messages" check in advanced settings of IE you get HTTP 500 Internal Server Error.

    If you disabled "Show friendly http error messages" you get the above stated vbscript error.

    I checked all the application mappings... and downloaded framework... I checked to see that the asp files were registered in the ISAPI section of the website proerties. in both master and site specific...

    I installed WIndows Script package 5.6 which includes vbscript... no change.

    I removed .asp .cer and 2 others from the "deny extensions" of the urlscan.ini file

    I also installed the MDAC 2.8 Compnenets...

    I also ran windows update... i mean what the hell right... besides windows can always be updated...

    YEs, THe IIS lockdown tools has been installed and run... (originally i believe as a static website).

    IF i uninstall IIS Lockdown tool am i going to loose all the site configurations that i currently have, meaning will i have to readd and resetup all the sites that have been added since the lockdown tool was installed?

    What other options do i have?


    Author Comment

    o and i have tested another microsoft provided .asp page - same issue

    Author Comment

    THis is the most recent URLscan log...

    Could any of these things cause the problem as i ahve described?

    [04-11-2005 - 15:32:13] -- Filter initialization time: [04-11-2005 - 15:32:13]  --
    [04-11-2005 - 15:32:13] ---------------- UrlScan.dll Initializing ----------------
    [04-11-2005 - 15:32:13] UrlScan will return the following URL for rejected requests: "/<Rejected-By-UrlScan>"
    [04-11-2005 - 15:32:13] URLs will be normalized before analysis.
    [04-11-2005 - 15:32:13] URL normalization will be verified.
    [04-11-2005 - 15:32:13] URLs must contain only ANSI characters.
    [04-11-2005 - 15:32:13] URLs must not contain any dot except for the file extension.
    [04-11-2005 - 15:32:13] Only the following verbs will be allowed (case sensitive):
    [04-11-2005 - 15:32:13]       'GET'
    [04-11-2005 - 15:32:13]       'HEAD'
    [04-11-2005 - 15:32:13]       'POST'
    [04-11-2005 - 15:32:13] Requests for following extensions will be rejected:
    [04-11-2005 - 15:32:13]       '.exe'
    [04-11-2005 - 15:32:13]       '.bat'
    [04-11-2005 - 15:32:13]       '.cmd'
    [04-11-2005 - 15:32:13]       '.com'
    [04-11-2005 - 15:32:13]       '.htr'
    [04-11-2005 - 15:32:13]       '.idc'
    [04-11-2005 - 15:32:13]       '.printer'
    [04-11-2005 - 15:32:13]       '.ini'
    [04-11-2005 - 15:32:13]       '.log'
    [04-11-2005 - 15:32:13]       '.pol'
    [04-11-2005 - 15:32:13]       '.dat'
    [04-11-2005 - 15:32:13] Requests containing the following headers will be rejected:
    [04-11-2005 - 15:32:13]       'translate:'
    [04-11-2005 - 15:32:13]       'if:'
    [04-11-2005 - 15:32:13]       'lock-token:'
    [04-11-2005 - 15:32:13] Requests containing the following character sequences will be rejected:
    [04-11-2005 - 15:32:13]       '..'
    [04-11-2005 - 15:32:13]       './'
    [04-11-2005 - 15:32:13]       '\'
    [04-11-2005 - 15:32:13]       ':'
    [04-11-2005 - 15:32:13]       '%'
    [04-11-2005 - 15:32:13]       '&'

    What do you think?
    LVL 70

    Expert Comment

    by:Chris Dent

    It doesn't look like URLScan is blocking anything - it's generally good about logging what it does block.

    You may want to check the IIS logs for the site for Internal Server Errors (500 Error Code) in addition to the Event Log.

    It may be worth trying to reinstall the .NET Framework on the server to see if that has any impact.

    Could you also post what object the ASP script is being asked to get in each case?

    Author Comment

    yes i am running the default localstar.asp (microsoft script). i have tried the other microsoft script.

    i have also tried another script employing the use cdonts or cdosys for setting script based e-mailing... however i get the same error on all scripts.

    Yesterday when i installed framework that was the first time it had been installed... do i need to reapply the service pack like you used to have to do in the old days....?

    Could this be a permission issue?

    I will check the IIS logs and see whats going on... should i look for anything specific.... ?

    LVL 70

    Accepted Solution


    Do you have a backup copy of the IIS Metabase? That provides another potential method of fixing the settings.

    Is the IWAM_<ServerName> account still present on the system?

    For checking permissions grab FileMon and RegMon from Systems Internals:

    Those will allow you to see any of the more obvious permission errors. Not errors caused by Component Services or policy settings.

    The IIS Logs will probably be adding a 500 error (Internal Server Error) how useful that is depends on whether it provides more information than you already have.

    It would be a good idea to reinstall the service pack if IIS is still not functioning. You may also want to try removing and re-adding IIS in Windows Components - whether that is practical depends on what else you have on there of course.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Suggested Solutions

    Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
    As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, ( because one time I did this and I essentially had a bricked …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now