Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
IIS Lock Down Tool may break RDA or Replication that uses Anonymous authentication
| Article ID | : | 310654 |
| Last Review | : | February 22, 2007 |
| Revision | : | 4.6 |
This article was previously published under Q310654
SYMPTOMS
If you
install the Microsoft Internet Information Server (IIS) Lock Down Tool with all
the default options, it may break a working Microsoft SQL Server 2000 Windows
CE (SQL Server CE) or Microsoft SQL Server 2005 Compact Edition Remote Data Access (RDA) or Replication application that
uses Anonymous authentication.
Back to the top
CAUSE
The default Setup of the IIS Lock Down Tool sets the
following option:
"Set file permissions to prevent anonymous IIS users from writing to content directories."
SQL Server CE or SQL Server Compact Edition Replication and RDA rely on three
modes of IIS authentication:
| • | Anonymous authentication |
| • | HTTP Basic authentication |
| • | Integrated Windows authentication |
Back to the top
RESOLUTION
To resolve this problem:
| • | If you use SQL Server CE connectivity applications or SQL Server Compact Edition applications that use
Anonymous authentication, clear this default option:
"Set file permissions to prevent anonymous IIS users from writing to content directories." Otherwise the application may not run.
-or-
|
| • | You can reconfigure SQL Server CE connectivity applications
or SQL Server Compact Edition applications to use Basic or Integrated Windows authentication, not Anonymous, to run the
tool. |
Back to the top
MORE INFORMATION
SQL Server CE RDA and replication components communicate by
using Web protocols. The SQL Server CE Client Agent on the Windows CE device
uses HTTP to communicate with the SQL Server CE Server Agent ISAPI DLL on the
Web server.
Steps to reproduce the problem
To reproduce the problem, use these steps:
| 1. | Set up the SQL Server CE Northwind_RDA sample as described
in SQL Server CE 2000 Books Online. |
| 2. | Run the setup for the IIS Lock Down tool. |
| 3. | Click to select SERVER TEMPLATE (click Other Server). |
| 4. | Click to select WEB SERVICE (HTTP). |
| 5. | Select Scripts maps (disable all support). |
| 6. | Click to select Additional Security (default). |
| 7. | Clear this option:
"Set file permissions to prevent anonymous IIS users from writing to content directories." |
| 8. | Click to select Install URL scan filter. |
| 9. | Run the SQL Server CE Northwind_RDA application and note
that it still works ok. |
| 10. | Run the IIS Lock Down setup again to undo the previous
installation. Run the setup to keep the default option:
"Set file permissions to prevent anonymous IIS users from writing to content directories." The SQL Server CE Northwind_RDA application fails
with a 80070005 error message. |
Back to the top
REFERENCES
IIS Lock Down Tool Books Online
Back to the top
APPLIES TO
| • | Microsoft SQL Server 2000 Windows CE Edition 2.0 |
| • | Microsoft SQL Server 2000 Windows CE Edition |
| • | Microsoft SQL Server 2000 Windows CE Edition 1.1 |
| • | Microsoft SQL Server 2005 Compact Edition |
Back to the top
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate
Be the first to leave feedback, to help others about this knowledge base
article.
(Optional) Name
(Optional)
Public URL Or Email
Comments
No
HTML -- Text Only Please
