IIS Changes Updated web.config file in CA SDM

Article Id: 37588

Status: Published

Updated On: 14-02-2018 07:36

Legacy Id: TEC1065907

Products:

SUPPORT AUTOMATION- SERVER , CA Service Desk Manager - Unified Self Service , KNOWLEDGE TOOLS , CA Service Management - Asset Portfolio Management , CA Service Management - Service Desk Manager

Issue/Introduction:

Problem:

Our Security team made security changes to IIS to secure IIS further.

When CA SDM web interface was access we got 'http 500.19.180' error.

We can see that IIS changes updated web.config file in $NX_Root\bopcfg\www\wwwroot via any text editor.

For Example:

</system.webServer>

<system.web>

</system.web>

To make the system work again we had to copy the web.config file from a different web server and recycled the CA SDM services.

Resolution:

This web.config file hold information on security, require_secure_logon & require_secure_connection.

This file provides a backup in case IIS settings are changed without consent from the Service Desk/Knowledge Tools administrator.

IIS owns the web applications which is wwwroot folder. Web.config file is being used by IIS. So when IIS is updated it could have added some characters to the file that resulted in 500 errors.

It is better to rename this file or just copy this file before making changes in IIS so even if it is overwritten we have safe copy of it.

As a precautionary measure we should always have backup of the system before making security changes to IIS.

Service Desk doesn't control what is updated by IIS in web.config file.

Environment:

Release: SDMU0M99000-14.1-Service Desk Manager-Full License
Component: