How To Undo Changes Made by the IIS Lockdown Wizard

This article was previously published under Q317052
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:For more information about IIS 7.0, visit the following Microsoft Web site:
This step-by-step article describes how to remove the IISLockdown Wizard from a Web server and restore the configuration and settings that were changed when the IISLockdown Wizard was run.

back to the top


If you run the IISLockdown Wizard (Iislockd.exe) from the Microsoft Security Toolkit and immediately notice problems with Internet Information Services (IIS), you may run the wizard again to undo the changes that the IISLockdown Wizard has made to the computer.

Note that the undo operation may not be successful if you have made changes to the system between the time when the IISLockdown Wizard was originally run and when the undo task is run. Also, note that the Wizard can undo only the changes that the Wizard has made. The Wizard cannot undo manual changes that you have made to the server configuration.

The undo feature uses the log file, Oblt-log.log, that is created at the time Iislockd.exe is originally run. Oblt-log.log is based on the changes that are recorded in the log, but it does not record any unused services that you have uninstalled. As a result, the undo feature does not restore any previously uninstalled services.

back to the top

Undo Changes Made by the IISLockdown Wizard

  1. Double-click the Iislockd.exe file.
  2. On the This Server Was Already Configured page, read the explanatory text, and then click Next.
  3. The IIS Lockdown Wizard appears and informs you that the process will undo the changes that were made when you last ran the Wizard. Click Yes to continue.
  4. On the Restoring Security Settings page, you can see the previous settings that are restored. When the process is complete, you see "Finished" in the Status area. Note that this can take a significant amount of time based on the complexity of the IIS configuration. Click Next.NOTE: This process does not restore any services that were removed if you selected Remove unselected services when you originally ran the IISLockdown Wizard.

  5. On the Restoration Complete page, click Finish.
back to the top
For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
311113 The IIS Lockdown Wizard Undo Feature Does Not Restore Uninstalled Services

Article ID: 317052 - Last Review: 02/27/2014 21:11:29 - Revision: 4.1

Microsoft Internet Information Server 4.0, Microsoft Internet Information Services 5.0, Microsoft Internet Information Services version 5.1

  • kbnosurvey kbarchive kbhowtomaster KB317052