CCS returns unknown results for IIS checks.
search cancel

CCS returns unknown results for IIS checks.

book

Article ID: 163592

calendar_today

Updated On:

Products

Control Compliance Suite Control Compliance Suite Control Compliance Suite Standards Server

Issue/Introduction

CCS returns unknown evaluation results for IIS checks.

WindowsDC.log:

ErrorLog.cpp | 936 | DCModule.exe | 11284 | 9796 | Entering Function: IIS7WmiConnection::GetIIS7PropertyValueUsingWMISections()
ErrorLog.cpp | 936 | DCModule.exe | 11284 | 9796 | Entering Function: IIS7WmiConnection::GetPropertyValUsingWMISection()
IIS7WmiConnection.cpp | 652 | DCModule.exe | 11284 | 9796 | Entering IIS7WmiConnection::GetSection
IIS7WmiConnection.cpp | 687 | DCModule.exe | 11284 | 9796 | IIS7WmiConnection::GetSection- Failed to ExecMethod 'GetSection' with Error Code: 800700b7:
IIS7WmiConnection.cpp | 706 | DCModule.exe | 11284 | 9796 | IIS7WmiConnection::GetPropertyValUsingWMISection - Failed to Get Section 'DirectoryBrowseSection' with Error Code: 800700b7:
ErrorLog.cpp | 941 | DCModule.exe | 11284 | 9796 | Exiting Function: IIS7WmiConnection::GetPropertyValUsingWMISection()
ErrorLog.cpp | 941 | DCModule.exe | 11284 | 9796 | Exiting Function: IIS7WmiConnection::GetIIS7PropertyValueUsingWMISections()
ErrorLog.cpp | 936 | DCModule.exe | 11284 | 9796 | Entering ReadListProcessInterfaceImpl::AddExceptionFile()
ProcessInterface.cpp | 174 | DCModule.exe | 11284 | 9796 | ReadListProcessInterfaceImpl::AddExceptionFile() - 1 - <message level="2" target="{HOSTNAME.EN_US}"><desc><![CDATA[IIS returned an error while reading web configuration [Binding: Application.Path="/AppTwo",SiteName="Default Web Site", Class: DirectoryBrowseSection, Property: Enabled] - Cannot create a file when that file already exists. - ]]></desc><internalerror><![CDATA[0]]></internalerror></message>
ErrorLog.cpp | 941 | DCModule.exe | 11284 | 9796 | Exiting ReadListProcessInterfaceImpl::AddExceptionFile()
BVNTProcessQuery.cpp | 3598 | DCModule.exe | 11284 | 9796 | BVNTProcessQuery::AddErrorRecord{HOSTNAME.EN_US},0,IIS returned an error while reading web configuration [Binding: Application.Path="/AppTwo",SiteName="Default Web Site", Class: DirectoryBrowseSection, Property: Enabled] - Cannot create a file when that file already exists.,null,2)

Note: there could be more errors in the same log for different classes.

 

Environment

CCS 12.x.x

IIS 8.5 and newer

Cause

Most likely cause here is that the IIS configuration is corrupt or in any other way broken and/or cannot be read by WMI queries.

 

Resolution

The same/similar query can be executed in Powershell. Open PowerShell on the IIS system and run the following command:

 Get-CimInstance –Namespace root\WebAdministration -Class DirectoryBrowseSection

Here is the input/output of a working system:

 

If the IIS configuration is corrupt or in any other way broken or cannot be read by WMI queries then something like this will show.

Here are some other samples of the type of queries potentially run by CCS:

Get-CimInstance –Namespace root\WebAdministration -Class DirectoryBrowseSection
Get-CimInstance –Namespace root\WebAdministration -Class AnonymousAuthenticationSection
Get-CimInstance –Namespace root\WebAdministration -Class SessionStateSection
Get-CimInstance –Namespace root\WebAdministration -Class CustomErrorsSection
Get-CimInstance –Namespace root\WebAdministration -Class CompilationSection
Get-CimInstance –Namespace root\WebAdministration -Class RequestFilteringSection

Here are some basic troubleshooting steps to find where it might be going wrong with the IIS configuration.

To conclude, if the PowerShell query also fails to return results then there is no defect or issue within CCS, it's the IIS configuration that is either corrupt and/or can't be read by WMI for whatever reason and is preventing CCS from determining the configuration and in turn causing an UNKNOWN. If you need help determining what is wrong with your IIS website/application configuration Symantec suggests you contact Microsoft technical support.

If the Powershell query does report the expected results and CCS does not - please get in touch with your local Symantec technical support representative and open a ticket referring to this article.