You are currently offline, waiting for your internet to reconnect

IIS 5.0 or IIS 6.0-based Web servers that have Microsoft Operations Manager (MOM) 2005 and the IIS Management Pack installed may randomly add IP address and domain name restrictions to all Web sites on the local computer

This article has been archived. It is offered "as is" and will no longer be updated.
SYMPTOMS
Microsoft Internet Information Services (IIS) 5.0 or IIS 6.0-based Web servers that have Microsoft Operations Manager (MOM) 2005 and the IIS Management Pack installed randomly add IP address and domain name restrictions to all Web sites on the local computer.
CAUSE
This problem occurs because the IIS Management Pack Security: Error 401: "Access Denied" Error - Alert rule is enabled on the MOM 2005 server.
RESOLUTION
To resolve this problem, download the latest version of the IIS Management Pack. To do this, visit the following Microsoft Web site:
WORKAROUND
To work around this problem, disable the Security: Error 401: "Access Denied" Error - Alert rule. To do this, follow these steps:
  1. In the MOM Administrator console, expand Microsoft Operations Manager (Site), expand Management Packs, expand Rule Groups, expand Microsoft Windows Internet Information Services, expand Internet Information Services version, expand Core Services, expand World Wide Web Publishing Service, and then click Event Rules.
  2. In the details pane, right-click Security: Error 401: "Access Denied" Error - Alert, and then click Properties.
  3. Click the General tab, click to select the This rule is disabled check box, and then click Apply.
  4. Right-click Security: Error 401: "Access Denied" - Event Consolidation, and then click Properties.
  5. On the General tab, select This rule is disabled, and then click Apply.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
MORE INFORMATION
The following behavior occurs, in the order in which it is presented:
  • The Security: Error 403: "Forbidden" Error - Alert rule or the Security: Error 401: "Access Denied" Error - Alert rule triggers the Automatic IP Deny Script.
  • The Automatic IP Deny Script updates the IP Deny List
The Security: Error 401: "Access Denied" Error - Alert rule has been removed from the publically available versions of the IIS Management Pack, and the Security: Error 403: "Forbidden" Error - Alert rule was removed in Microsoft Operations Manager 2005 Service Pack 1 (SP1).

For more information about the IIS Management Pack, visit the following Microsoft Web site:
REFERENCES
For more information about MOM 2005, visit the following Microsoft Web site:
Properties

Article ID: 912156 - Last Review: 01/15/2015 01:10:42 - Revision: 1.3

Microsoft Operations Manager (MOM) 2005, Microsoft Internet Information Services 6.0, Microsoft Internet Information Services 5.0

  • kbnosurvey kbarchive kbbug kbprb kbtshoot KB912156
Feedback