BlogEngine.Net 1.6 is released – and I’ve upgraded! Also migrated to IIS 7

4. February 2010
Comments (0)

I’ve just upgraded to BE.Net 1.6, and I thought I’d migrate to GoDaddy’s IIS 7 servers at the same time. The theory is that this would be a an easy migration and I’d have the weekend to iron out any bugs. Not so.

After testing on my local IIS 7 and working perfectly, I uploaded the updates to my live blog and hit the “Migrate to IIS 7” button, which promises it will be completed in 24h. I received the “update your DNS” email, and duly updated my A records to the new server, and the transfer seems to be ok – aside from the fact that viewing any specific post causes an error – I’m guessing with the permissions of the App_Data folder. The catch being that I can’t access my IIS settings until GoDaddy have completed their 24h migration process.

It’s now been more than 72 hours since I kicked of the migration and still I cannot access and fix the IIS permissions issue which is dogging my blog. I’ve emailed twice and am still waiting for some resolution. Perhaps I won’t be renewing this year?

BlogEngine.NET, IIS , , ,

MOSS 2007 – Alternate Access Mapping authentication fails

16. October 2009
Comments (0)

If you have an Alternate Access Mapping configured for a MOSS 2007 site with Integrated Authentication you might find that you get prompted for the DOMAIN\UserName and Password. After 3 attempts you get to a HTTP 401 error.

This can be resolved by following the steps in MS KB 896861

HTH,

Sam

MOSS, IIS , , , ,

Outlook Web Access over SSL using Forms Based Authentication AND Integrated Authentication

16. July 2008
Comments (2)

Outlook Web access is a fantastic tool for our company, providing on-the-go access to people's mailboxes - which is of course secured by SSL and uses Forms Based Authentication. Internally, we have an intranet portal that allows us to access the various systems - one of which is OWA. One of the stipulations for this internal portal is that it is all Single Sign On using NTLM authentication - integrated authentication. This is where the problem lies because enabling OWA with Forms Based Authentication over SSL disables Integrated Authentication. So our choice is to have users enter their credentials twice (not acceptable) or to disable FBA and have external users log on with the annoying pop-up.

OR...

You can create a copy of the /Exchange and /Public Virtual Directories and configure them to use Integrated Authentication. You can also restrict access to them by IP...here's how:

 I'm assuming you've already set up OWA with SSL on your Exchange server. If you need to do that, try How do I configure OWA to use SSL? at Daniel Petri's site

  1. Log onto your Exchange Server, and open up the IIS control panel. Locate your /Exchange and /Public virtual directories.
  2. Right click /Exchange, select "All Tasks" and then "Save Configuration to a File..."
    Figure 1
  3. Go through the dialogue, save to a file and if you're worried about security, add a password.
  4. Once you're done, right click any white space in the root web site (or the exchange web site) and select "New", then select "Virtual Directory (from file)..."
    Figure 2
  5. You will be presented with the "Import Configuratio" dialogue, click "Browse..." and select the file you've just created. Click "Read File" and select the Exchange location underneath
    Figure 3
  6. Click "OK" and you'll be asked to provide a new name, or replace the existing Virtual Directory - select create a new one and put an appropriate name (I uses ExchangeIA)
    Figure 4
  7. Now, this step is optional, but read on anyway because you might want to think about it. I only want to allow people on my network to access this using Integrated Authentication, no one else, so I am going to restrict access to the Virtual Directory that I've just created to my IP subnet. To do this right click the newly created Virtual Directory (ExchangeIA) and select the "Directory Security" tab. Under "IP address and domain name restrictions" click "Edit". Now select "Denied access" to deny anyone other than the exceptions, then click "Add.." and enter the details of your network to allow those computers access.
    Figure 5
  8. Now head back to step 1 and repeat for the /Public folder, if Integrated Authentication is required for Public Folders.

IIS, Outlook Web Access, Windows Vista, Exchange , , , , , , , ,

Restoring the ASP.NET tab in IIS

4. April 2008
Comments (0)

If you've logged onto the properties for your IIS install and found that the ASP.NET tab has mysteriously disappered, you can try a couple of things.

Firstly, try re-registering ASP.NET with IIS using the ASPNET_REGIIS.exe located in the .NET installation folder:

c:\WINDOWS\MICROSOFT.NET\framework\\aspnet_regiis -i

 

Chances are though, that it won't work, and that you can try and number of command using aspnet_regiis.exe or even uninstalling and reinstalling .NET and you won't actually fix the problem. (Note: on x64 systems this could be a different problem, Google again with x64!)

This was solved by switching a flag (Enable32BitAppOnWin64) to false in the IIS metabase:

cd c:\Inetpub\AdminScripts\

cscript.exe adsutil.vbs set W3SVC/AppPools/Enable32BitAppOnWin64 FALSE

You should then be able to see the ASP.NET tab restored in the site properties.

IIS, ASP.NET , ,