Celtic Coding Solutions Blog

Celtic Coding Solutions Blog - for everything computer related

Install SSL Cert from GoDaddy on IIS 8 in Windows Server 2012 r2

1) Create Cert Request
Open Internet Information Services (IIS) Manager.
Click the Server
Under IIS grouping find “Server Certificated” and double click it:-

Under Actions (right hand side) click “Create Certificate Request…”

Enter in some details e.g.

Click Next

Select Bit Length 2048

Create an output file – click finish.

2) Import to Go Daddy

Open the Text File that you created above and you will have a load of characters – this is the key.
In Go Daddy purchase the SSL Certificate e.g. *.MyCompany.com or click Manage if you already have one.
In the next screen click the ReKey & Manage button:-

Expand Re-Key certificate + tab and you will see:-

Copy/Paste the text from the file you created above and click Save. Then click the “Submit All Saved Changes”
Then wait a few minutes whilst it is processed.
Once Complete click the Download button and save the zip file.

3) Install on the Server

Follow the instructions on the Go Daddy WebSite at:-
IIS8 Install a Certificate
But the most important bit is to reboot the server otherwise the Certificate will not work.

If you find that your Certificate seems to disappear when you “Complete Certificate Request…” this is because your certificate hasn’t been correctly keyed for the server so please re-do Step 2 above.


Pyramid Analytics - Problem exporting content

Using Pyramid Analytics and trying to export content of the report (or just export the report to PDF)

After I clicked the "Click here to get file" I got the following error:-

System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Basic realm="SERVERNAME"'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at ......

This seemed strange as everything else on the site was working fine.


The problem was with a setting on the IIS that was running the site.

Open IIS, find BIOffice6 under the Sites.  Click Authentication and make sure everything is Disabled apart from Asp.Net Impersonation and Basic Authentication.  For some reason my setup had Windows Authentication enabled which was causing the error.  E.g you settings should look like:-

Visual Studio Performance And Diagnostics Service IISADMIN was not found on computer

Using Visual Studio 2013 and running the Debug - Performance and Diagnostics on my Windows 7 x64 PC I got the error:-

"Service IISADMIN was not found on computer"

I checked and I was running Visual Studio as Admin and IIS was running fine.

I did notice that I didn't have IIS 6 Management Compatibility enabled in the Windows Features.  So I turned these on and Performance and Diagnostics now works:-

Microsoft Master Data Services Web Error when using a specific Network Account for Application Pool

So you have successfully installed and used the Master Data Services Configuration Manager in SQL Server 2012, but when trying to run the web url you get the following error:-

HTTP Error 500.19 - Internal Server Error

The requested page cannot be accessed because the related configuration data for the page is invalid.

Config Error: Cannot read configuration file due to insufficient permissions.

Config File: \\?\c:\Program Files\Microsoft SQL Server\110\Master Data Services\WebApplication\Web.config

Now the only difference in the setup is I order abortion pill am using a Network login for the Application Pool that this MDS Web Application uses.

So bascially this error means that Application Pool user doesn't have permission to read the web.config at:-

C:\Program Files\Microsoft SQL Server\110\Master Data Services\WebApplication\Web.config


That is fine, grant it read permission and now we get another error:-

The current identity (AppPoolUser) does not have write access to 'C:\Program Files\Microsoft SQL Server\110\Master Data Services\MDSTempDir'.

OK so again we need to give the Application Pool user write permission to the MDSTempDir directory.

I am using Windows Server 2008 R2 Enterprise but it is boardly the same for most Windows Servers

Open Windows Explorer and locate the folder

Right Click - abortions cost Properties

Select 'Security' Tab

Click 'Advanced'

Click 'Change Permissions...'

Click 'Add'

Locate the user

Click OK

And Select 'Full Control' for permissions

Now run your MDS Web Page and it should look something like:-

"Page cannot be found" Running Asp.Net 4 on Windows Server 2003 IIS6

Trying to run Asp.Net code from a Windows 2003 server running IIS 6.0 and I got a lovely "The page cannot be found"? 

This is bizarre as I have installed .Net 4.0 on the server, correctly ran C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe (just encase) and abortion at 6 weeks also abortion information correctly changed the properties of my Web Application to ASP.Net Version 4.0.30319

Looking at the actually Web Page error and I notice 404.2 - Lockdown policy prevents this request.  Ok nice so you can install .Net 4 for Asp.Net code but by default not actually use it?

Next check what extensions are available on the server:- open command line and enter:-
c:\Windows\System32\cscript iisext.vbs /listfile

Notice that C:\Windows\Microsoft.Net\Framework\v4.0.30319\aspnet_isapi.dll has a Zero meaning disabled.

OK to enable just run the following:-
c:\Windows\System32\cscript iisext.vbs /enfile C:\Windows\Microsoft.Net\Framework\v4.0.30319\AspNet_Isapi.dll

And bingo all code working fine now.

SPSite - SharePoint 2010 and Visual Studio 2010 - FileNotFoundException

Trying to connect to my local SharePoint 2010 site using Visual abortion clinics Studio 2010 Asp.Net on Local IIS Web server Version 7.5 (Windows 7 x64) e.g.
SPSite oSpSite = new SPSite("http://LocalPCName:81");

I got the following error (FileNotFoundException):-
The Web application at http://LocalPCName:81 could not be found. Verify that you have typed the URL correctly. If the URL should be serving existing content, the system administrator may need to add a ru486 cost new request URL mapping to the intended application.


To Fix:-
Check what account the App Pool for "SharePoint Central Administration V4" is running under.  I use a generic account say Domain\SharePointAdmin.

Make sure this account is under the "WSS_ADMIN_WPG" local accounts group.

Make sure this account is site administrator for the site you are trying to connect to.

"Use Local IIS web server" rather than "Use Visual Studio Development Server" for Visual Studio Project Web debugging.  e.g. in Visual Studio for your project select Project - XXX Properties... - select Web (left tab) - tick "Use Local IIS Web server" - then click "Create Virtual Directory". 
Once created open Internet Information Services (IIS) Manager and find the newly created Web Application.  Select the web application and click "Advanced Settings...".  Change the Application Pool to the same one as the "SharePoint Central Administration v4".

The following I have seen people blog about that fixes their issues, but this was not necessary for me:-
Make sure the App Pool account has DB_Owner access to the SharePoint Configuration Database and the SharePoint Content Database.

Make sure your code runs under Platform Target: x64 (although I find Any CPU works better) - just make sure it is not x86 because SharePoint 2010 was only x64 bit hence it would not work.

Unable to start debugging on the web server (Visual Studio 2010) and IIS 7.5 Part 2

Running Visual Studio 2010 Asp.Net web code using the Local IIS Web server Version 7.5 (Windows 7 x64), I came across the error:-
Unable to start debugging on the web server. Unable free abortion to connect to the web server. Verify that the web server is running and that incoming HTTP requests are not blocked abortions pills by a firewall.



To Fix:-
Open IIS - Control Panel - System and Security - Administrative Tools - Internet Information Services (IIS) Manager
Expand PC/Server Name - Expand Sites - Select Default Web Site
Select Authentication

Make sure

Windows Authentication is enabled

Unable to start debugging on the web server (Visual Studio 2010) and IIS 7.5

Running Visual Studio 2010 Asp.Net web code using the Local IIS Web server Version 7.5 (Windows 7 x64), I came across the error:-
Unable to start debugging on the web server. The server what is an abortion committed a protocol violoation. Section=ResponseStatusLine


The problem exists because medication abortion it seems that having skype installed and running can take control of Port 80 which is used as the default port for IIS.  Therefore to fix this, make sure you uncheck the "Use port 80 and 443 as alternatives for incoming connections" in Skype - Tools - options - Advanced - Connection.

Asp.Net Windows Authorisation in IIS7 for Windows Server 2008 and r2

When Kerbos hasn't been setup correctly on a Windows Server 2008 and 2008r2 server, I've noticed a couple of issues when running Asp.Net code in IIS and using Windows Authorisation enabled, anonymouse disabled.

Running the Page locally in IE on the Server works correctly and Windows Credentials are picked up by the Asp.Net code.  However running the Page in IE on a separate machine (via the network) resulted in the following errors:-

"You are not Authorized to view this page"


Or "HTTP Error 401"

Running the Page in IE using the IP address of the server instead of the server name worked (probably because it defaults to NTLM instead of abortion price Kerberos).

1.0) Server 2008r2 Fix

When there appears to be an issue with Kerberos on the Network and IIS (as in this case), then we need Web Applications to default to NTLM instead for Windows Authentication pass-through.
The fix for Server 2008r2 is slightly easier than in Server 2008 so this is first.

1.1) Setup Application Pool

This is not 100percent necessary as you can use one of your existing Application Pools; however for demonstration purposes it is easier to create a new one.

Remote onto the Server and load the Internet Information Services (IIS) Manager:-
Select your server (expand using the plus icon)
Select Application Pools

Create a new Application Pool e.g.
.Net Framework: v2.0
Managed Pipeline: Integrated
Identity: ApplicationPoolIdentity


1.2) Setup/Convert to Web Application

Click on your Asp.Net Directory under Sites – Default Web Site.
Right click and "Convert to Web Application" – might already be as the icon will be changed from the standard folder icon.
Make sure our new Application Pool is selected

Click Test Settings and notice the error:-

1.3) Change Folder Settings to allow App Pool Access

The Application Pool is now running under ApplicationPoolIdentity as ASPNET2.  This is visible in the Windows Task Manager on the Server:-

If this user is not visible then open your Web Application in IE on the local server (just click on the "Browse *:80 (Http) in IIS)

Open File Explorer:-
Go to C:\inetpub
Right Click wwwroot - Properties
Security Tab
Click Edit
Click Add
Change location to ServerName (Top of list)
In the "Enter the object names to select" type:-
Click OK

Select ASPNET2 in the "Group or User Names"
Then Tick:-
Read & Execute
List folder contents

1.4) Set Web Application Windows Authorisation

Back in IIS click on authentication icon:-

Enable ASP.Net Impersonation and Windows Authentication:-


1.5) Configure Windows Authorisation

Select Windows Authentication and in the Right Hand Menu select Advanced Settings and it should look like the following:-

Close this and next Click "Providers…"
Move NTLM up and then Negotiate is second

Close and restart IIS - all should now work!

2.0) Server 2008 Fix

Server 2008 is slightly different as not all the options are visible.  Therefore follow all the same settings as above for 2008 up until Point 1.3

2.1) Change folder settings to allow App Pool access (Server 2008 method)

In Server 2008 you cannot add the following user to Folder Security as it will not find this user:-

Instead you need to use icacls with the following syntax (open a command line and enter):-
icacls c:\inetpubwwwroot /grant "IIS AppPool\ASPNET2":(OI)(CI)(RX)

When run then in wwwroot folder security you will see ASPNET2 is listed so follow the same instructions as Server 2008r2.

2.2) Configure Windows Authorisation (Server 2008 natural abortion pill method)

The "Providers…" option is not available in IIS for 2008 and so this has to be done manually via modifying the ApplicationHost.config file under:-

Scroll down to your Application and amend using the following details:-

      <anonymousAuthentication enabled="false" />
        <windowsAuthentication enabled="true" useKernelMode="true">
            <clear />
            <add value="NTLM" />
            <add value="Negotiate" />

Note in 2008r2 you may need to also add the following:-
  <extendedProtection tokenChecking="None" />
this goes below
  <windowsAuthentication enabled="true" useKernelMode="true">

Restart IIS and all should work.