Default IIS Configuration for Patch Manager Server
Description
This article provides the default Directory Security settings for the Patch Manager Server in Internet Information Services (IIS). If problems arise as a result of changes to these settings, use this article to revert the Patch Manager Server Website to its original configuration.
Applies To
Prism Patch Manager 6.4
Symptons
Any of the following problems can be an indication that Internet Information Services is not configured properly:
- All agents appear offline.
- Access to the Patch Manager Server Website is denied.
- The Patch Manager Server Website returns an "Internal Server Error" message.
- The Patch Manager Server Website returns a "Service Unavailable" message.
- The Patch Manager Server Website appears garbled and missing images.
- "Detection results not found" appears in the Platform column of the Computers page.
Cause
Communication issues between the Patch Manager Server and the IIS Web server typically arise if the default settings in IIS have been altered by the administrators or if configuration settings are modified as the result of security policies instituted on the server or across the network.
Resolution
A) Make certain ASP.NET 1.1 is selected instead of ASP.NET 2.0 or higher:
- On the IIS server, go to Start > Programs > Administrative Tools > Internet Information Services (IIS) Manager (in Windows 2000 Server, IIS is called Internet Services Manager).
- Expand Web Sites (Windows 2003) or the Server name (Windows 2000) then right-click and choose Properties on New Boundary Prism Patch Manager Server.
- Visit the ASP.NET tab and make certain ASP.NET 1.1 is chosen instead of ASP.NET 2.0 or higher.
B) Verify the Web Server Extensions are configured properly:
- On the IIS server, go to Start > Programs > Administrative Tools > Internet Information Services (IIS) Manager.
- Highlight Web Server Extensions.
- The following items need to be enabled:
Active Server Pages
ASP.NET v1.1.4322
Patch Manager Server
C) Verify the account membership of the PLUS ADMINS group:
- Within Computer Management, drill into Local Users and Groups and then select Groups.
- Within the properties of the PLUS ADMINS group, verify the following accounts exist:
Administrator
ASPNET
IWAM_"SERVERNAME"
NT AUTHORITY\NETWORK SERVICE
PatchLink
PLUS ANONYMOUS
PLUS_AGENT
PLUS AGENT (does not exist in version 6.3 or higher)
D) Verify the permissions and directory settings for the web site:
- On the IIS server, go to Start > Programs > Administrative Tools > Internet Information Services (IIS) Manager (in Windows 2000 Server, IIS is called Internet Services Manager).
- Expand Web Sites (Windows 2003) or the Server name (Windows 2000) then expand PLUS.
- Use the following chart to ensure that the PLUS directories are appropriately configured. Pay special attention to the virtual directories.
To view and modify directory settings, right-click on the directory name > select Properties > switch to the Directory Security tab > click Edit in the Authentication and access control section.
-
Directory Name |
Virtual Directory |
Application Name |
Application Pool |
Execute Permissions |
Basic Authentication |
Anonymous Access |
Root (Patch Manager Server) |
- |
Patch Manager Server |
DefaultAppPool |
Scripts Only |
Yes |
No |
AgentCenter |
Yes |
AgentCenter |
Patch Manager Server Services |
Scripts Only |
Yes |
Yes |
DAgent |
Yes |
DAgent |
Patch Manager Server ISAPI |
Scripts Only |
No |
Yes |
Gravitix |
Yes |
Gravitix |
Patch Manager Server Storage |
Scripts Only |
Yes |
Yes |
Update |
Yes |
Update |
Patch Manager Server ISAPI |
Scripts and Executables |
Yes |
No |
UpdateStorage |
Yes |
GravitixStorage |
Patch Manager Server Storage |
Scripts Only |
No |
Yes |
Admin |
No |
- |
- |
Scripts Only |
Yes |
No |
aspnet_client |
No |
- |
- |
None |
Yes |
No |
bin |
No |
- |
- |
Scripts Only |
Yes |
No |
Components |
No |
- |
- |
Scripts Only |
Yes |
No |
Computers |
No |
- |
- |
Scripts Only |
Yes |
No |
Deploy |
No |
- |
- |
Scripts Only |
Yes |
No |
Deployments |
No |
- |
- |
Scripts Only |
Yes |
No |
Download |
No |
- |
- |
Scripts Only |
Yes |
No |
ErrorMessages |
No |
- |
- |
Scripts Only |
Yes |
Yes |
Graphing |
No |
- |
- |
Scripts Only |
Yes |
No |
Groups |
No |
- |
- |
Scripts Only |
Yes |
No |
Help |
No |
- |
- |
Scripts Only |
Yes |
No |
images |
No |
- |
- |
Scripts Only |
No |
Yes |
includes |
No |
- |
- |
Scripts Only |
Yes |
No |
Inventory |
No |
- |
- |
Scripts Only |
Yes |
No |
Packages |
No |
- |
- |
Scripts Only |
Yes |
No |
Reports |
No |
- |
- |
Scripts Only |
Yes |
No |
StyleSheets |
No |
- |
- |
Scripts Only |
No |
Yes |
Support |
No |
- |
- |
Scripts Only |
Yes |
No |
Users |
No |
- |
- |
Scripts Only |
Yes |
No |
Vulnerability |
No |
- |
- |
Scripts Only |
Yes |
No |
Welcome |
No |
- |
- |
Scripts Only |
Yes |
No |
|
On a scale of 1-5, please rate the helpfulness of this article
Optionally provide your comments to help us improve this article...
Thank you for your feedback!