→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
chuckkellum
Engaged Sweeper II
I did not install the original instance of Lansweeper that is running and there are no notes that I can find, except for 2 log files where I have upgraded. I do not know what the installer selected for the web server, but I am pretty sure it was IIS Express, as when I shutdown that service, I can't get any webpages to show up. (pretty lame way to prove it, but ygdwygd)

Security controls and policy now dictate that we have to limit access to certain users. I began reading the kb article and most of the forum postings on this topic. I saw one posting that indicated that IIS Express was no longer supported. So my current best decision is to change the web server to either IIS or UltiDev.

Is this possible without doing a "new" install? Can a "new" install be performed without starting completely over?

What will I have to do as far as cleaning up the IIS Express if I can find a way to convert?

Chuck
5 REPLIES 5
Hemoco
Lansweeper Alumni
For Lansweeper 5.0, we will add a small interface to the IIS Express configuration, so you won't have to make the change manually. (We expect to release Lansweeper 5.0 within the next few weeks.)
chuckkellum
Engaged Sweeper II

You are correct!
I found the right section a little further down.
It is now working correctly.
Thank You
Hemoco
Lansweeper Alumni
You are not looking at the correct section of the configuration file. Please look for the lines shown below and make the changes marked in bold.
<authentication>
<anonymousAuthentication enabled="false" userName="" />
<basicAuthentication enabled="false" />
<clientCertificateMappingAuthentication enabled="false" />
<digestAuthentication enabled="false" />
<iisClientCertificateMappingAuthentication enabled="false">
</iisClientCertificateMappingAuthentication>
<windowsAuthentication enabled="true">
<providers>
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
</authentication>
chuckkellum
Engaged Sweeper II
My xml code in the IIS Express config file is different than that in the knowledge base article. This is one of the reasons I wanted to change to another web server. Here is a snip of my code:

<sectionGroup name="security">
<section name="access" overrideModeDefault="Deny" />
<section name="applicationDependencies" overrideModeDefault="Deny" />
<sectionGroup name="authentication">
<section name="anonymousAuthentication" overrideModeDefault="Deny" />
<section name="basicAuthentication" overrideModeDefault="Deny" />
<section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
<section name="digestAuthentication" overrideModeDefault="Deny" />
<section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
<section name="windowsAuthentication" overrideModeDefault="Deny" />
</sectionGroup>
<section name="authorization" overrideModeDefault="Allow" />
<section name="ipSecurity" overrideModeDefault="Deny" />
<section name="isapiCgiRestriction" allowDefinition="AppHostOnly" overrideModeDefault="Deny"/>
<section name="requestFiltering" overrideModeDefault="Allow" />
</sectionGroup>

The knowledge base article is simple enough to follow, but I am not sure (without experimentation) how to translate it to this.
Hemoco
Lansweeper Alumni
IIS Express is no longer supported for new Lansweeper installations. In other words, when you perform a new installation, the IIS Express option will no longer be available. There is no need for you to switch web servers.

Instructions on how to restrict web console access can be found in this knowledge base article. You will need to:
- Configure your web server for authentication. The process for IIS Express is covered in the knowledge base article as well.
- Add your AD user groups to the Program Files (x86)\Lansweeper\Website\web.config file on your Lansweeper server. Note that you must submit AD user groups; you cannot submit individual users.