Hello everyone,

Setup: I have a site on my Microsoft 2012 R2 server that is running IIS

Issue: I can access the site from the servers browser by typing in "site.com" and the ip, 192.168.10.5. I cannot access the site from another device on the network. View IP or site.com.

What I Have Tried:

I am having some trouble getting a brand new Microsoft 2012 R2 Server up and running. I have installed IIS and DNS. I created a new site and added the following bindings:

Type     Ip                         Port     Host Name

http     All Unassigned     80        site.com

http     192.168.10.5         80       site.com

http     192.168.10.5         80

Right now I have nothing in my hosts file. I have tried a few entries in there with no success, so for now I have removed them.

My DNS Forward Lookup Zone is named, site.com.

I have two A Hosts:

Host                                 FQDN                IP

(same as parent folder)    site.com            192.168.10.5

www                                 www.site.com   192.168.10.5

As far as my firewall goes, I added a new Inbound Rule named "site". It is a port rule on TCP, allowing port 80. I selected "Allow the connection" on the Actions page, and the profile applies to Domain, Private, and Public.

I have also checked World Wide Web Services (HTTP Traffic-In) and it is enabled.

I cannot ping the device I am testing with from the server in command prompt. I also cannot ping the server from the device I am testing with.

Whenever I try to access the site, it just sites there loading until it timesout. I have checked the pfirewall.log and it is empty. Also the C:\inetpub\logs\LogFiles\* are not saving anything from the device I am testing with.

Any ideas? Thanks!

Hello Team,

TBH, I have new in IIS.

We have IIS 8 running on windows server 2012 R2. I recently updated the server certs for two siteswww.xxx.org and www.yyy.org 

After updating the certs, I am able to browse www.xxx.org internally and externally just fine but when i try to browsewww.yyy.org from expternally it is unreachable. www.yyy.org internally works just fine. 

When I check www.yyy.org here https://www.digicert.com/help/ it says unable to connect. 

Here are the settings of bindings.

for www.xxx.org

Type: https 

IP add: All Unassigned 

POrt: 443

Hostname: www.xxx.org

SSL cert: xxxxxx

for www.yyy.org

Type: https 

IP add: All Unassigned 

POrt: 443

Hostname: www.yyy.org

checked box Require Server Name Indication 

SSL cert: xxxxxx

I am also gettings this message: No default ssl site has been created to support browsers without sni capabilities, it is recommended to create a default ssl site.

I appreciate your time and effort. 

Thanks, 

We've been using URL Rewrite 2.x (v7.2.1980) to remove unwanted cookie values (in this case BadFood) as requests come in.  This inbound rule is setup under Conditions with an Input of {HTTP_COOKIE} and a pattern like: 

^(.*?)((?:BadFood\d*?=[^;\s]+[;\s]+)+)(.*)$

A sample cookie (data changed to protect the innocent) looks something like:

GoodFood=veggies; BadFood=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood1=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood2=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood3=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood4=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood5=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; BadFood6=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; GoodFood=fruits;

This has been working fine with v7.2.1980. However, when we updated to v7.2.1993 (the most recent release as of this post), Failed Request Tracing shows this Error 

ModuleName IIS Web Core

Notification PRE_BEGIN_REQUEST

HttpStatus 500

HttpReason URL Rewrite Module Error.

HttpSubStatus 51

ErrorCode 2152071481

ConfigExceptionInfo

ErrorDescription The expression "^(.*?)((?:BadFood\d*?=[^;\s]+[;\s]+)+)(.*)$" failed to match because there was not enough memory available.

ModuleName RewriteModule

NotificationStatus NOTIFICATION_HANDLED

In the URL Rewrite Expression Test Pattern screen inside of IIS Manager, I also get an error after clicking Test: "The expression did not match because there was not enough memory available." Interestingly, if a single character is removed in the sample data (one 'a' in my test), the test pattern works.

Any ideas about what changed between v 7.2.1980 and 7.2.1993 that might cause this?

Hello!
Please, consider the following setup
PrintServer on Windows 2012R2 (contoso.com domain member) + IIS 8.5 + InternetPrinting Role + RedHat Linux as a print volume generator
I have managed to submit jobs from the Linux machine up to the printserver by a local user account of Windows 2012R2 using the following URL in CUPS IPP printer configuration
http://localuser:Password@10.10.10.1/Printers/Printer.printer
What I would like to achieve is to make printjobs land onto a domain account, but I can not find how to specify domain contoso.com in the URL. Something like
http://localuser@contoso.com:Password@10.10.10.1/Printers/Printer.printer is obviously wrong.
Any ideas would be much appreciated!

Hello everyone,

I have problems with server-side CRL control:

I have some sites served by IIS on which access is made via digital certificate. On these sites is set anonymous authentication (the authentication is done by the application), so IIS is passing through the certificate, but at random intervals it happens that a number of users can not access through their certificate (they do not arrive at the application, they are blocked by the IIS).

On the client they receive a 403 Forbidden, in the IIS logs I find the error code "403 13 2148081683"

During these periods of "darkness" (which does not happen for all CA configured, so not all users are cut off, only some groups, sometimes not even all users of the same CA, which would make you to think about some problem on client side, but deactivating the CRL check on server side, all users pass), if I try to manually download the CRL through the CDP of the CA, I can always download the file, but users still can not access (of course I checked some spot certificate verifying that they were not actually revoked).

We have already verified any possible connectivity problem (no proxy, public dns, firewall, routing, everything ok)

Activating the CAPI2 log I find the most disparate errors, often I find the error "The revocation function was unable to check revocation because the revocation server was offline", but I don't understand the reason why, because if I try to manually download the CRL I can always download it

I hope someone can help me. Thank you.

Roberto

Is there any way to run debug diagnostic tool as a service?

I want to collect IIS/App Pool crash dump in one of our servers. However, the server logs-off users after a few minutes of inactivity, which would close the debug diagnostic tool application. Running the tool as a service, if possible, would solve this problem.

Specifically, i'm looking to find the cause of following exception which causes the application pool to shut down:

A process serving application pool 'xxxxxxxx' suffered a fatal communication error with the Windows Process Activation Service. The process id was '12608'. The data field contains the error number.

OS: Windows Server 2012 R2

IIS: 8.5

I have two webfarms namely Mail and PowerBi. Both are working fine until Mail stopped working and getting 502.4 error "Web server received an invalid response while acting as a gateway or proxy server." Looking at the trace, under Rule Evaluation Start, the Rule Name it uses was ARR_Powerbi_loadbalance_SSL instead of ARR_Mail_loadbalance_SSL. Any idea why it just started using this Rule Name all of a sudden when in fact it was working fine before?

1. -GENERAL_REQUEST_START

Hi,

I am struggling with something I don't understand about my FTPS site. W2K12 server (with latest updates) IIS 8.0, FTPS site in IIS.

My users are able to log in and can list or add directories. But, when they try to upload a file it doesn't work. The files seems to be uploaded but it is immediately deleted. Tried with Filezilla and CoreFTP and I get the same error message : Answer : 550 Error : cannot upload file

Users are in a group of "Ftpusers" that is allowed to write on the directories plus I manually added the sames rights to the users accounts.

I have no idea what the issue could be.

Has anyone ever faced this issue ?

Thx a lot.

I need a rewrite rule for a website that will redirect both http://domain.com and http://www.domain.com to https://www.domain.com. The SSL cert doesn't cover https://domain.com, and changing that isn't an option at the moment.

My IIS 7.5 server is setup to use .NET v2.0.50727 at the server level (Start Page, Server level) and I want to change it to v40.30319 but when go to Actions>Manager Server>Change .NET Framework Version and change it to v4.0.30319 it does not save it.

My apppools all work fine I can use V2 or V4 with no trouble it is on at the Server level I am having issues.

What can I do to get this to save the v4.xxxx version for the server? 

Hello,

We have an ASP.NET 4.5 web application hosted in Windows Server 2012 R2 with IIS 8.5. The database was hosted on SQL Server 2008, and everything looked fine. Recently, we migrated our database from the SQL Server 2008 to another SQL Server 2014 box. We took a database backup and restore the same to SQL Server 2014. After that, we got a performance issue. The web pages become slower and slower and finally timed out. The DBA team found very high CPU utilization of the SQL Server 2014 database. But if we change the database connection string from the new SQL 2014 to the old SQL 2008 in Web.config, everything becomes normal. My question is, is there any free tool running on IIS web server to troubleshoot this performance issue? For example, to check the database connection status, etc..

Thanks,
高麻雀

Hi all

I am working on an application which requires to have an HTTP Handler for handling a .pdf File 

The handler's configuration in web.config file is as followed,

<system.webServer>

<handlers accessPolicy="Read, Script">
<add name="FilePdf" path="*.pdf" verb="GET,POST" type="ComplianceMonitor.TestingHandler" resourceType="File" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64"/>
</handlers>

</system.webServer>

https://xxx/filename.pdf

but the problem is that the handler is not responding  for POST request in Internet Explorer(IE) browser,

Any suggestions.?

Your help is most appreciated

thanks in advance

Greetings,

We have come across a strange problem which have struggled to solve for 2 days now with no luck-at least not at it's core.

Here's the situation:

Windows 2012 R2 Standard with latest updates installed
IIS 8.5
Have tried all PHP 5.3, 5.4, 5.5, standard installation with fastCGI.

When running a specific module in our Joomla 3 application, all we get in the browser is a reset on the request. Safari reports "Server unexpectendy dropped the connection". Chrome reports "Error code: ERR_CONNECTION_RESET" and so on.

We cannot track down the error. IIS logs do not tell us much. Event viewer also doesnt report anything. PHP logs (with xdebug installed) do not report any error (because the request never gets there, IIS drops before). We have also configured failedRequestTracing but it doest report anything either, probably because the requert is dropped before the failedRequeryModule is kicked it.

Basically, we cannot track down the error. IIS/Windows just drops the connection and that's it.

Why is the connection dropped instead of IIS throw an error?
Is it a bug?
Any clues?

Thanks

Alex

windows server 2008 / IIS 7

so i've been using CDOSYS mymail functions for a while along with our office365 managed external mail provider.
it works and can send to any email address as long its within the same "email domain"..

however i have since found out that it fails when trying to send to any external email address, with the usual #error '8004020e' error.

what i can't understand is why it fails here, but when we use the exact same account/authentication details on a different system that auomates reports for us (jeffnet), then it is able to send to external address just fine.
so i can only assume it is either an IIS config issue or a code issue.

the code i am using is

<%
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Mail Test"
myMail.To="default@example.com"
myMail.TextBody="Test"

myMail.From="blah@myoffice365email.com"
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver")="smtp.office365.com"
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport")=587
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing")=2
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = False
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 20
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusername") = "blah@myoffice365email.com"
myMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "password123"

myMail.Configuration.Fields.Update
myMail.Send
set myMail=nothing
%>

jeffnet uses just the following details

SMTP server : smtp.office365.com
SMTP port : 587
mail account name : blah@myoffice365email.com
authentication id : blah@myoffice365email.com
authentication password : password123

so can anyone help with what the issue might be?
i can only assume it's not an office365 issue, otherwise jeffnet would also fail to send to external addresses.

Hello community,

i have a big big problem.

I have an old web application builded with java 7. It's running on a tomcat 7 server. The webapp has a local login system and functionality to login within single sign-on thru the windows authentication.

Both are working fine unitl one thing.

When i'm logged in with the single sign-on and navigate to the overview the content is broken. By the way the overview has lots of elements. The plain response has a sinze of 5,8 MB.

If i'm logged in with the local login the view looks like this:

On the second node every of the seven root nodes have hundreds of elements.

Now if i'm loggin in with sso the page looks like this:

Or like this:

You see there are elements missing between 8.1 and 8.7. 

Curiusly some root nodes are listed under other root nodes:

Thats definetly wrong.

I looked for hours but i can't identify the problem.

Without sso but IIS as Port-Mapper (8080 from tomcat to 80) it's working fine.

But if you are loggin in with with sso it's always broken.

Do you have any idea?

Edit:

The SSO settings:

Hi,

I have a SMTP relay setup under Window 2012 R2

Multiple system (not a web application)  is sending email via this SMTP relay

I need to capture and process those email (.EML) before it sending out to the recipient

The problem is the email is sending out so fast before i even able to capture it

Is there a way i can create a temporary folder to redirect this email (.EML) files into it. Which my script will process the .EML files, and move it back to pickup folder for sending out?

I understand that i can change the pickup directory with the following command. however, this change the pickup directory entirely to a new folder instead of creating a intermediate folder before the pickup folder

cscript.exe C:\inetpub\AdminScripts\adsutil.vbs set smtpsvc/1/pickupdirectory "new directory for pickup folder"

So, a trip down memory lane is in order.

Starting (for us) with IIS7, we installed the IIS Advanced Logging add-in, which gave us the ability to add new fields and direct that data to a different location versus the default logging location.

This has worked well for us up to and including IIS 8.5.

Introduce IIS 10

Advanced Logging MSI will not install on Windows 2016, you get a pop-up saying that IIS version 7.0 is required to use IIS AL 1.0

I know that custom logging was added to IIS 8.5 but we continued to use the AL 1.0 since our install script was still working and we didn't want to spend the time changing the script to work with the built-in feature.

In my Powershell script to install IIS and IIS AL, I have a function for adding or setting web configurations like below:

###############################################################################################

Function Update-WebConfiguration ($Action, $Filter, $Name, $Value){

Try{
If ($Action -eq "Set"){
$Command = "Set-WebConfigurationProperty -Filter $Filter -Name $Name -Value $Value"
$Result = Invoke-Expression -Command $Command -ErrorAction SilentlyContinue -ErrorVariable errVariable -WarningAction SilentlyContinue -WarningVariable wrnVariable
}
ElseIf ($Action -eq "Add"){
$Command = "Add-WebConfigurationProperty -Filter $Filter -Name $Name -Value $Value"
$Result = Invoke-Expression -Command $Command
}
}
Catch{
Return $false
}
Return $true
}

###############################################################################################

We changed the location of the advanced log files so as to not interrupt any current process that was using the base logging location or files with this code:

###############################################################################################

Write-Host "[$Now] Setting Advanced Logging Default Log Location..." -ForegroundColor Green -NoNewline

If (!(Update-WebConfiguration -Action 'Set' -Filter '/system.applicationHost/advancedLogging/serverLogs' -Name 'directory' -Value "$strIISAdvLogFolder")){
Write-Host "FAILURE" -ForegroundColor Red
}
Else{
Write-Host "SUCCESS" -ForegroundColor Green
}

###############################################################################################

Then we added advanced logging fields using code  like this:

###############################################################################################

Write-Host "[$Now] Add Logging For REMOTEADDRESS Property..." -ForegroundColor Green -NoNewline

If (!(Update-WebConfiguration -Action 'Add' -Filter '/system.webServer/advancedLogging/server' -Name 'fields' -Value '@{id="REMOTEADDRESS";sourceName="REMOTEADDRESS";sourceType="RequestHeader";logHeaderName="";category="Default";description="";defaultValue="";loggingDataType="TypeLPCSTR"}')){
Write-Host "FAILURE" -ForegroundColor Red
}
Else{
Write-Host "SUCCESS" -ForegroundColor Green
}

###############################################################################################

This all flies out the window with IIS 10.

Anyone have ideas on how to get this to work with IIS 10?

I need to be able to set advanced logging fields BEFORE any sites are created.  If done after, the installer will never know its needed and business partners would just ignore the requirement and then later on when we need the log data, we will discover they never added the fields after they stood up the site(s) that their application has.

We've got a web application installed on a server running IIS 7. This web app is parallel to the Default Web Site, in IIS. Under it is another web application that I put there some years ago. That web application is no longer needed. I'm assuming I could either stop this sub-web application in IIS or perhaps even better just remove it from IIS. Is that OK? Or is there some other step(s) that I need to do?

Hello,

We have a cloud server.

 We have  .net web application with SQL database.

In IIS Default website, we are have around 500+ application addedd with same port number same website.

Physical path for all 500+ application is same,But Database path is different.

.Net web application concept is external devices will call request to .net  web application every 20 seconds.

Now our problem is IIS is getting crashed..

Unable to find the issue. 

Please help on dis if any..

Regards,

Soumya,

Bangalore.

Hello,

We are trying to publish exchange OWA 2016 throught reverse proxy with IIS 10 AAR placed in DMZ.

This is working well.

Now we need to connect with client certificate and this does not work (error 403.13)

ISS 10 AAR in DMZ

CRL list is available from ldap and http, IIS AAR is not domain joined so i try to use http to join CRL.

I have tested CRL with certutil (on admin session and local system with psexec) and wfetch and it's working.

But on we i tried to connect to OWA, i m prompted for certificate and get 403.13 error. Revocation server is offline even i can join crls with internet explorer on this server.

I'm really stuck here. Any idea? I don't want to disable CRL verification