Article ID: 310654 - Last Review: February 22, 2007 - Revision: 4.6

IIS Lock Down Tool may break RDA or Replication that uses Anonymous authentication

View products that this article applies to.
This article was previously published under Q310654
Expand all | Collapse all

SYMPTOMS

If you install the Microsoft Internet Information Server (IIS) Lock Down Tool with all the default options, it may break a working Microsoft SQL Server 2000 Windows CE (SQL Server CE) or Microsoft SQL Server 2005 Compact Edition Remote Data Access (RDA) or Replication application that uses Anonymous authentication.
Back to the top

CAUSE

The default Setup of the IIS Lock Down Tool sets the following option:
"Set file permissions to prevent anonymous IIS users from writing to content directories."
SQL Server CE or SQL Server Compact Edition Replication and RDA rely on three modes of IIS authentication:
  • Anonymous authentication
  • HTTP Basic authentication
  • Integrated Windows authentication
Back to the top

RESOLUTION

To resolve this problem:
  • If you use SQL Server CE connectivity applications or SQL Server Compact Edition applications that use Anonymous authentication, clear this default option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
    Otherwise the application may not run.

    -or-

  • You can reconfigure SQL Server CE connectivity applications or SQL Server Compact Edition applications to use Basic or Integrated Windows authentication, not Anonymous, to run the tool.
Back to the top

MORE INFORMATION

SQL Server CE RDA and replication components communicate by using Web protocols. The SQL Server CE Client Agent on the Windows CE device uses HTTP to communicate with the SQL Server CE Server Agent ISAPI DLL on the Web server.

Steps to reproduce the problem

To reproduce the problem, use these steps:
  1. Set up the SQL Server CE Northwind_RDA sample as described in SQL Server CE 2000 Books Online.
  2. Run the setup for the IIS Lock Down tool.
  3. Click to select SERVER TEMPLATE (click Other Server).
  4. Click to select WEB SERVICE (HTTP).
  5. Select Scripts maps (disable all support).
  6. Click to select Additional Security (default).
  7. Clear this option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
  8. Click to select Install URL scan filter.
  9. Run the SQL Server CE Northwind_RDA application and note that it still works ok.
  10. Run the IIS Lock Down setup again to undo the previous installation. Run the setup to keep the default option:
    "Set file permissions to prevent anonymous IIS users from writing to content directories."
    The SQL Server CE Northwind_RDA application fails with a 80070005 error message.
Back to the top

REFERENCES

IIS Lock Down Tool Books Online
Back to the top
APPLIES TO
  • Microsoft SQL Server 2000 Windows CE Edition 2.0
  • Microsoft SQL Server 2000 Windows CE Edition
  • Microsoft SQL Server 2000 Windows CE Edition 1.1
  • Microsoft SQL Server 2005 Compact Edition
Back to the top
Keywords: 
kbprb KB310654
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations

 

Related Support Centers