IIS issue after upgrade

We are in the process of upgrading some of our web application servers from 2003 to 2008 R2. I have just completed upgrading one of our web application servers but am having an issue I'm hoping someone might be able to shine some light on as I'm not much of a IIS guy.

We have an RSA app on our sites and when users go to this website they should get an RSA login screen. However, while testing, we get a HTTP 500 error. If I disable friendly errors in IE it says " Web server Security Configuration Error."

At first I was thinking some sort of permissions issue with the folders but that doesn't seem to be the case. There are sites on here that do work, it just seems that our ASP RSA app is not working.

Are there any tips or tricks to doing a 2003 to 2008R2 upgrade involving IIS that I missed perhaps?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Peter HutchisonSenior Network Systems SpecialistCommented:
I am not sure what an RSA web app is?
Is it written in ASP.NET code? If so, then there are differences between IIS 6 and 7. If the web.config has not been updated, then you should change the Application Pool to a Classic ASP.NET Pool to use the older version of ASP.NET.
themightydudeAuthor Commented:
Yes..it's a RSA SecurID program that is an ASP program to provide authentication to some of our internal sites.

As best I can tell it's using the classic settings. If I look at Application pools the websites use an app pool named RSA SecurID Pool,  but that pool and Classic .NET App pool both use the same version of .NET Version 2.0.

Is there a way to look farther in and see exactly where its failing?
You could try a few things.
Double check if the permissions are indeed all right by creating a simple "test.htm" file in the directory of the website. With e.g. the following contents:

And then check with a browser if you can access this file.
If not, then please make sure the group "IIS_IUSRS" has Read access.

Some applications do need an application pool where "Enable 32-Bit Applications" is set to True.

Is the application pool running with Identity "ApplicationPoolIdentity" ?
How does this compare to the old 2003 server ?
If a separate user is used then make sure that this user has also access to the website's data.

You can monitor the server via Microsoft's Process Monitor.
You can download it here:
themightydudeAuthor Commented:
So basically this all ended up being an issue with the RSA authentication manager agent for IIS.

The version we had was not compatible with server 2008 / IIS 7.5. We had to go back to our 2003 box, uninstall the RSA agent, then upgrade again and install the new verison. After that, everything was fine.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
themightydudeAuthor Commented:
Found via research
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.