I already wrote a post on this matter some time ago, but this week worked on the same problem on a Windows 2000 Server, of course 32 bit.
Running aspnet_regiis -i did not help so we tried to run the script Tom provides in his post, but we got the error here below:
Line 41 is “Set objIIS = GetObject(“IIS://” & strComputer & “/W3SVC/AppPools”)”, this path does not exist in IIS 5 metabase, hence the error. To adapt it to IIS 5 we removed the script section that checks for Enable32BitAppOnWin64.
We run the script again and got this message:
PASS: The current value of Restrict_Run is: 0
PASS: Successfully registered mmcaspext.dll
PASS: Successfully registered AspNetMMC
Microsoft (R) .NET Framework Assembly Registration Utility 2.0.50727.1433
Copyright (C) Microsoft Corporation 1998-2004. All rights reserved.
Types registered successfully
Assembly exported to ‘C:\WINNT\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.tlb’, and the type library was registered successfully
PASS: Successfully registered Assembly
Running aspmantst.exe to test the ASP.NET Tab snap-in
Attempting to create the object as CLSCTX_LOCAL_SERVER.
Create failed. hr: 80070005. QIhr: 80070005. GLE: 1008
Attempting to create the object as CLSCTX_REMOTE_SERVER to <machine_name>.
Create failed. hr: 80070005. QIhr: 80070005. GLE: 1008
Attempting to create the object as CLSCTX_INPROC_SERVER.
Object created. Attempting to call method.
Method succeded. Result: 1.1.4322.0,C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,2.0.50727.0,C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
Code 80070005 means “Access Denied”, so we do not have enough permission to complete the configuration… The object we are trying to create, which represents the ASP.NET Ta in IIS Manager, is listed in dcomcnfg as Microsoft.Aspnet.Snapin.AspNetManagementUtility.2. In a default Windows 2000 SP4 installation, the Default Access Permission ACL is empty: when you log in as an administrator, if the ACL list is empty then the owner changes to whatever account you are logging on with: this account is the owner and implicitly has access to the COM instantiation works fine. But if the ACL list is not empty (it contains any account or group) the owner does not change at logon and the automatic mechanism just described does not work.
Likely the same missing permission we were already facing, Microsoft.Aspnet.Snapin.AspNetManagementUtility.2 did not show up in our application list… so we add a look at the same kind of permission, but this time we checked the “Default Security” tab:
And here we were! On another working machine this customer had the ACL list was empty, while for some reason on the failing machine the list was not empty, we had an account listed there… in such a situation there are two options:
-
- Clear the ACL list
- Add the Administrators group and any other account you need to explicitly grand Access Permissions to
In our case we cleared the list, run the script again (this time every step completed successfully) and the customer got his ASP.NET Tab available in IIS Manager ?
Carlo
Quote of the day:
If you develop an ear for sounds that are musical it is like developing an ego. You begin to refuse sounds that are not musical and that way cut yourself off from a good deal of experience. – John Cage