Article ID: 942060 - Last Review: September 27, 2007 - Revision: 1.1

Make sure that IIS 7.0 configuration files contain no encrypted properties before you use the Sysprep tool to deploy a Windows Vista image

View products that this article applies to.
Expand all | Collapse all

SUMMARY

You can use the System Preparation Tool (Sysprep.exe) to deploy Windows Vista across multiple Windows Vista-based computers. When you prepare to create the source Windows Vista installation image, you must make sure that the Internet Information Services (IIS) 7.0 configuration files contain no encrypted properties. By default, the IIS configuration store contains no encrypted properties. If a system administrator modifies the IIS configuration files to require encrypted properties before the Sysprep image is created, IIS 7.0 may not work as expected on the destination computer.
Back to the top

MORE INFORMATION

The Sysprep tool was designed for system administrators, OEMs, and other users who must automatically deploy Windows operating systems on multiple computers. After you perform the initial setup steps on a single computer, you can run the Sysprep tool to prepare the sample computer for cloning.

For security, IIS 7.0 uses a machine key from the Windows Vista installation to encrypt parts of the configuration store. For example, the following information is encrypted by using a machine key:
  • Secure Sockets Layer (SSL) configuration information
  • The password information for accounts that are used for remote content access
When IIS 7.0 tries to access the value of an encrypted property, IIS 7.0 uses the machine key to decrypt the configuration property. If the machine key is missing or if the machine key has been modified, decryption of the configuration property fails. This failure may cause unknown issues on the IIS 7.0 server.

When you use the Sysprep tool to deploy an image of an IIS 7.0 installation that contains encrypted properties, the machine key is not included in the image. After IIS 7.0 is installed on the destination computer, any IIS processing that requires the encrypted configuration properties to be decrypted fails. This problem occurs because the machine key on the destination computer differs from the machine key on the source computer.

To work around this behavior, make sure that you modify the encrypted properties after you deploy the Sysprep image.
Back to the top

REFERENCES

For more information about the Sysprep tool, visit the following Microsoft Web site:
http://technet2.microsoft.com/WindowsVista/en/library/fd2f79c9-3049-4b8c-bcfd-4e6dc5771ace1033.mspx (http://technet2.microsoft.com/WindowsVista/en/library/fd2f79c9-3049-4b8c-bcfd-4e6dc5771ace1033.mspx)
Back to the top
APPLIES TO
  • Microsoft Internet Information Services 7.0
Back to the top
Keywords: 
kbexpertiseadvanced kbhowto kbinfo KB942060
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations