IIS Lock Down Tool may break RDA or Replication that uses Anonymous authentication

Article translations Article translations
Article ID: 310654 - View products that this article applies to.
This article was previously published under Q310654
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SYMPTOMS

If you install the Microsoft Internet Information Server (IIS) Lock Down Tool with all the default options, it may break a working Microsoft SQL Server 2000 Windows CE (SQL Server CE) or Microsoft SQL Server 2005 Compact Edition Remote Data Access (RDA) or Replication application that uses Anonymous authentication.

CAUSE

The default Setup of the IIS Lock Down Tool sets the following option:
"Set file permissions to prevent anonymous IIS users from writing to content directories."
SQL Server CE or SQL Server Compact Edition Replication and RDA rely on three modes of IIS authentication:
  • Anonymous authentication
  • HTTP Basic authentication
  • Integrated Windows authentication

RESOLUTION

To resolve this problem:
  • If you use SQL Server CE connectivity applications or SQL Server Compact Edition applications that use Anonymous authentication, clear this default option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
    Otherwise the application may not run.

    -or-

  • You can reconfigure SQL Server CE connectivity applications or SQL Server Compact Edition applications to use Basic or Integrated Windows authentication, not Anonymous, to run the tool.

MORE INFORMATION

SQL Server CE RDA and replication components communicate by using Web protocols. The SQL Server CE Client Agent on the Windows CE device uses HTTP to communicate with the SQL Server CE Server Agent ISAPI DLL on the Web server.

Steps to reproduce the problem

To reproduce the problem, use these steps:
  1. Set up the SQL Server CE Northwind_RDA sample as described in SQL Server CE 2000 Books Online.
  2. Run the setup for the IIS Lock Down tool.
  3. Click to select SERVER TEMPLATE (click Other Server).
  4. Click to select WEB SERVICE (HTTP).
  5. Select Scripts maps (disable all support).
  6. Click to select Additional Security (default).
  7. Clear this option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
  8. Click to select Install URL scan filter.
  9. Run the SQL Server CE Northwind_RDA application and note that it still works ok.
  10. Run the IIS Lock Down setup again to undo the previous installation. Run the setup to keep the default option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
    The SQL Server CE Northwind_RDA application fails with a 80070005 error message.

REFERENCES

IIS Lock Down Tool Books Online

Properties

Article ID: 310654 - Last Review: February 28, 2014 - Revision: 4.6
APPLIES TO
  • Microsoft SQL Server 2000 Windows CE Edition 2.0
  • Microsoft SQL Server 2000 Windows CE Edition
  • Microsoft SQL Server 2000 Windows CE Edition 1.1
  • Microsoft SQL Server 2005 Compact Edition
Keywords: 
kbnosurvey kbarchive kbprb KB310654

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com