Hi all,
I built a Windows Server 2008 R2 virtual machine from scratch and configured it with the base setups that I want all of my Server 2008 R2 virtual machines to have. I tested everything and it works fine. I have installed and configured IIS, set up virtual directories and that is all working as well. I powered the machine off and exported it to an OVF template. I then deployed that template, configured it using the vCenter Converter Standalone tool and powered on the machine, left it sysprep, and when it's all done, IIS doesn't work.
Here's my configuration. We have 3 VM hosts, each running different versions of ESXI. The 3 versions we are using are:
The versions of vCenter Converter Standalone that I've tried using for configuring the machine I deployed using the template include:
The VM that I refer to that I built and exported to a template was built on the VM host version 4.0.0-208167. I have tried deploying that template to all 3 VM hosts with them all having the same issues.
And here's the issue I'm having. When I first try accessing the server's default web site (or any virtual directory created within the default web site for that matter), I get a 503 error. I look in the event viewer and there is an event log with this info:
After searching online, I found an article that indicated to go into the file C:\Windows\system32\inetsrv\config\applicationHost.config, find the <configProtectedData> node and remove the providers section, and then do an iisreset. I did this and when I browsed to the default web site, all was well and I thought I was good to go.
But not quite. Next thing I needed to do was update some of the virtual directories that were previously configured on the base template to point to a network share that was specific to each server I deploy and configure from the template. That virtual directory is set up to Connect As a domain account. If I try to update the network share from within the IIS management console, when I try to close the window I get an error 'Value does not fall within the expected range'.
So I searched online for this problem. I found an article (http://forums.iis.net/p/1160389/1915020.aspx#1915020) that indicated to run the following command to resolve this problem:
iissetup.exe /install SharedLibraries
It even indicates that you will get an error, but that it still resolves the problem. So I gave it a shot and it did indeed resolve the problem. And you would think this would be good news. However, the first problem is now back.
I've used PsGetsid to make sure that the machine I deployed using the template has a different SID than the template had and they do indeed have different SIDs.
So at this point, I'm not sure what else to look at or try. I've been looking at google, these forums, MSDN, stackoverflow, etc. for days to no avail. Any help would be extremely appreciated.
Thanks in advance,
Eric
Hi Eric Well, this is not the right place, you should try some IIS forum. By the way, did you try to deinstall and reinstall IIS? Regards, Plamen
Thanks for the suggestion Plamen.
I posted here since this wasn't a problem on the source machine and was hoping others that have deployed a Server 2008 R2 template may have experienced the same thing afterwards and had found a solution.
I have resolved this issue with help from Microsoft. In case anyone else deploying a Server 2008 R2 template runs into this issue, despite that this article is referring to IIS 7.0, the solution listed does apply to IIS 7.5 as well:
http://blogs.msdn.com/b/vijaysk/archive/2009/03/14/caution-while-xcopying-iis-7-0-config-files.aspx
In my experience, this came about because the deployed machine was 'customized' by VMWare. The sysprep had caused the new machine to have a new SID. I ran into further issues with certificates as well:
A specified logon session does not exist. It may already have been terminated.
(Exception from HRESULT: 0x80070520)
Annoyingly enough, this came across on the second deploy of a machine, as the first had failed to customize and ended with the same SID.