themightydude
asked on
IIS issue after upgrade
We are in the process of upgrading some of our web application servers from 2003 to 2008 R2. I have just completed upgrading one of our web application servers but am having an issue I'm hoping someone might be able to shine some light on as I'm not much of a IIS guy.
We have an RSA app on our sites and when users go to this website they should get an RSA login screen. However, while testing, we get a HTTP 500 error. If I disable friendly errors in IE it says " Web server Security Configuration Error."
At first I was thinking some sort of permissions issue with the folders but that doesn't seem to be the case. There are sites on here that do work, it just seems that our ASP RSA app is not working.
Are there any tips or tricks to doing a 2003 to 2008R2 upgrade involving IIS that I missed perhaps?
We have an RSA app on our sites and when users go to this website they should get an RSA login screen. However, while testing, we get a HTTP 500 error. If I disable friendly errors in IE it says " Web server Security Configuration Error."
At first I was thinking some sort of permissions issue with the folders but that doesn't seem to be the case. There are sites on here that do work, it just seems that our ASP RSA app is not working.
Are there any tips or tricks to doing a 2003 to 2008R2 upgrade involving IIS that I missed perhaps?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You could try a few things.
Double check if the permissions are indeed all right by creating a simple "test.htm" file in the directory of the website. With e.g. the following contents:
<html><body><h1>Test</h1>< /body></ht ml>
And then check with a browser if you can access this file.
If not, then please make sure the group "IIS_IUSRS" has Read access.
Some applications do need an application pool where "Enable 32-Bit Applications" is set to True.
Is the application pool running with Identity "ApplicationPoolIdentity" ?
How does this compare to the old 2003 server ?
If a separate user is used then make sure that this user has also access to the website's data.
You can monitor the server via Microsoft's Process Monitor.
You can download it here:
https://technet.microsoft.com/en-us/sysinternals/bb896645
https://download.sysinternals.com/files/ProcessMonitor.zip
Double check if the permissions are indeed all right by creating a simple "test.htm" file in the directory of the website. With e.g. the following contents:
<html><body><h1>Test</h1><
And then check with a browser if you can access this file.
If not, then please make sure the group "IIS_IUSRS" has Read access.
Some applications do need an application pool where "Enable 32-Bit Applications" is set to True.
Is the application pool running with Identity "ApplicationPoolIdentity" ?
How does this compare to the old 2003 server ?
If a separate user is used then make sure that this user has also access to the website's data.
You can monitor the server via Microsoft's Process Monitor.
You can download it here:
https://technet.microsoft.com/en-us/sysinternals/bb896645
https://download.sysinternals.com/files/ProcessMonitor.zip
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Found via research
ASKER
As best I can tell it's using the classic settings. If I look at Application pools the websites use an app pool named RSA SecurID Pool, but that pool and Classic .NET App pool both use the same version of .NET Version 2.0.
Is there a way to look farther in and see exactly where its failing?