|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How to tell if IIS lockdown Tool is installed?Hi
Sorry for the simplicity of this question but can anyone tell me how I can easily tell if the IIS lockdown Tool as been installed on a machine. I know it doesnt appear in Add/Remove programs. I also know Urlscan does appear there but URLscan may have not been installed. I have compared the Inetsrv folder whilst IIS lockdown was installed on my machines and after I uninstalled it by running the IIS lockdown installation again and couldnt see any file changes. I am trying to assist a colleague who is troubleshooting a customers installation remotely and he has asked how to check if IIS lockdown tool has been installed. Thanks for any assistance. When IIS Lockdown Tool is installed it creates two files in the
%windir%\system32\inetsrv directory. These files are oblt-rep.log and oblt-log.log. It also back ups the metabase before doing changes. The back up file name starts with oblt-mb and is located in %windir%\system32\inetsrv\metaback. When the Tool is uninstalled metabase back up file is deleted, the oblt-log.log file is deleted and two new log files oblt-undo.log and oblt-undone.log are created in the inetsrv directory. By checking the presence and creation time of these files you will be able to tell whether IIS lockdown was ever installed, is currently installed and when it was installed and finally if and when it was uninstalled. -- Show quoteHide quoteJiri Richter Microsoft Corp. This posting is provided "AS IS" with no warranties, and confers no rights. "John Smith" <1234@567678> wrote in message news:uEbos6zPFHA.1176@TK2MSFTNGP12.phx.gbl... > Hi > > Sorry for the simplicity of this question but can anyone tell me how I can > easily tell if the IIS lockdown Tool as been installed on a machine. I > know > it doesnt appear in Add/Remove programs. I also know Urlscan does appear > there but URLscan may have not been installed. > > I have compared the Inetsrv folder whilst IIS lockdown was installed on my > machines and after I uninstalled it by running the IIS lockdown > installation > again and couldnt see any file changes. > > I am trying to assist a colleague who is troubleshooting a customers > installation remotely and he has asked how to check if IIS lockdown tool > has > been installed. > > Thanks for any assistance. > > I asked the setup developer, and there is actually a registry key written by
IISLockdown tool when it completes (I don't have the key's name/location handy at the moment, but RegMon from www.sysinternals can probably find it). Incidentally, this is also how IIS6 determines on a IIS5 upgrade whether IIS Lockdown has been run or not. -- //David IIS http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights. // "John Smith" <1234@567678> wrote in message Sorry for the simplicity of this question but can anyone tell me how I cannews:uEbos6zPFHA.1176@TK2MSFTNGP12.phx.gbl... Hi easily tell if the IIS lockdown Tool as been installed on a machine. I know it doesnt appear in Add/Remove programs. I also know Urlscan does appear there but URLscan may have not been installed. I have compared the Inetsrv folder whilst IIS lockdown was installed on my machines and after I uninstalled it by running the IIS lockdown installation again and couldnt see any file changes. I am trying to assist a colleague who is troubleshooting a customers installation remotely and he has asked how to check if IIS lockdown tool has been installed. Thanks for any assistance. Many thanks to both of you. My process of using an 80% screen shot of
before uninstalling (due to window size) compared to the Explorer view after was obviosuly flawed. I should have used Beyond Compare but using this newsgroup has done the job equally well. I had also looked in the registry and will now do a more exhaustive test. I thought I'd ask anyway as I was suprised there was nothing more aparent as a mark that it was installed, when URL Scan has its own Add/Remove program group and Folder in the Inetsrv folder. Thanks again! Show quoteHide quote "David Wang [Msft]" <some***@online.microsoft.com> wrote in message news:%23YjxeS8PFHA.3496@TK2MSFTNGP12.phx.gbl... > I asked the setup developer, and there is actually a registry key written by > IISLockdown tool when it completes (I don't have the key's name/location > handy at the moment, but RegMon from www.sysinternals can probably find it). > Incidentally, this is also how IIS6 determines on a IIS5 upgrade whether IIS > Lockdown has been run or not. > > -- > //David > IIS > http://blogs.msdn.com/David.Wang > This posting is provided "AS IS" with no warranties, and confers no rights. > // > "John Smith" <1234@567678> wrote in message > news:uEbos6zPFHA.1176@TK2MSFTNGP12.phx.gbl... > Hi > > Sorry for the simplicity of this question but can anyone tell me how I can > easily tell if the IIS lockdown Tool as been installed on a machine. I know > it doesnt appear in Add/Remove programs. I also know Urlscan does appear > there but URLscan may have not been installed. > > I have compared the Inetsrv folder whilst IIS lockdown was installed on my > machines and after I uninstalled it by running the IIS lockdown installation > again and couldnt see any file changes. > > I am trying to assist a colleague who is troubleshooting a customers > installation remotely and he has asked how to check if IIS lockdown tool has > been installed. > > Thanks for any assistance. > > > IISLockDown doesn't really install anything. It just removes some
functionality (e.g. removing unneeded ISAPI Extensions), and tightens IIS' settings. So the only thing it really needs to keep is a log of the changes that it's made so that the changes can be "undone" if you need to revert back to your previous setting. On the other hand, URLScan actually installs files so that it can function. Cheers Ken Show quoteHide quote "John Smith" <1234@567678> wrote in message news:%23$v$0DAQFHA.3076@TK2MSFTNGP14.phx.gbl... : Many thanks to both of you. My process of using an 80% screen shot of : before uninstalling (due to window size) compared to the Explorer view after : was obviosuly flawed. I should have used Beyond Compare but using this : newsgroup has done the job equally well. : : I had also looked in the registry and will now do a more exhaustive test. I : thought I'd ask anyway as I was suprised there was nothing more aparent as a : mark that it was installed, when URL Scan has its own Add/Remove program : group and Folder in the Inetsrv folder. : : Thanks again! : : "David Wang [Msft]" <some***@online.microsoft.com> wrote in message : news:%23YjxeS8PFHA.3496@TK2MSFTNGP12.phx.gbl... : > I asked the setup developer, and there is actually a registry key written : by : > IISLockdown tool when it completes (I don't have the key's name/location : > handy at the moment, but RegMon from www.sysinternals can probably find : it). : > Incidentally, this is also how IIS6 determines on a IIS5 upgrade whether : IIS : > Lockdown has been run or not. : > : > -- : > //David : > IIS : > http://blogs.msdn.com/David.Wang : > This posting is provided "AS IS" with no warranties, and confers no : rights. : > // : > "John Smith" <1234@567678> wrote in message : > news:uEbos6zPFHA.1176@TK2MSFTNGP12.phx.gbl... : > Hi : > : > Sorry for the simplicity of this question but can anyone tell me how I can : > easily tell if the IIS lockdown Tool as been installed on a machine. I : know : > it doesnt appear in Add/Remove programs. I also know Urlscan does appear : > there but URLscan may have not been installed. : > : > I have compared the Inetsrv folder whilst IIS lockdown was installed on my : > machines and after I uninstalled it by running the IIS lockdown : installation : > again and couldnt see any file changes. : > : > I am trying to assist a colleague who is troubleshooting a customers : > installation remotely and he has asked how to check if IIS lockdown tool : has : > been installed. : > : > Thanks for any assistance. : > : > : > : : 
Other interesting topics
IIS 6 conflict using port 443 for NON-SSL traffic
Intranet problem - 404 and 405 errors client certificates Strange IIS 5 problem with client certificates NTFS permissions Anonymous access request certificate immediately Permission denied: 'CreateObject' - error '800a0046' Indexing Service, web page, no results... Permissions? prevent local security policy override |
|||||||||||||||||||||||
