How To Undo Changes Made by the IIS Lockdown Wizard

Article translations Article translations
Article ID: 317052 - View products that this article applies to.
This article was previously published under Q317052
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspx
For more information about IIS 7.0, visit the following Microsoft Web site:
http://www.iis.net/default.aspx?tabid=1
Expand all | Collapse all

On This Page

SUMMARY

This step-by-step article describes how to remove the IISLockdown Wizard from a Web server and restore the configuration and settings that were changed when the IISLockdown Wizard was run.

Introduction

If you run the IISLockdown Wizard (Iislockd.exe) from the Microsoft Security Toolkit and immediately notice problems with Internet Information Services (IIS), you may run the wizard again to undo the changes that the IISLockdown Wizard has made to the computer.

Note that the undo operation may not be successful if you have made changes to the system between the time when the IISLockdown Wizard was originally run and when the undo task is run. Also, note that the Wizard can undo only the changes that the Wizard has made. The Wizard cannot undo manual changes that you have made to the server configuration.

The undo feature uses the log file, Oblt-log.log, that is created at the time Iislockd.exe is originally run. Oblt-log.log is based on the changes that are recorded in the log, but it does not record any unused services that you have uninstalled. As a result, the undo feature does not restore any previously uninstalled services.

Undo Changes Made by the IISLockdown Wizard

  1. Double-click the Iislockd.exe file.
  2. On the This Server Was Already Configured page, read the explanatory text, and then click Next.
  3. The IIS Lockdown Wizard appears and informs you that the process will undo the changes that were made when you last ran the Wizard. Click Yes to continue.
  4. On the Restoring Security Settings page, you can see the previous settings that are restored. When the process is complete, you see "Finished" in the Status area. Note that this can take a significant amount of time based on the complexity of the IIS configuration. Click Next.NOTE: This process does not restore any services that were removed if you selected Remove unselected services when you originally ran the IISLockdown Wizard.

  5. On the Restoration Complete page, click Finish.

REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
311113 The IIS Lockdown Wizard Undo Feature Does Not Restore Uninstalled Services

Properties

Article ID: 317052 - Last Review: February 27, 2014 - Revision: 4.1
APPLIES TO
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Services version 5.1
Keywords: 
kbnosurvey kbarchive kbhowtomaster KB317052

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com