Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You may find that your DualShield IIS agent doesn't work stops working after applying an Exchange Server server CU upgrade. The upgrade will generally overwrite the application's This is because the Exchange CU upgrade will reset  all web applications settings, i.e. the "web.config file where the agent module resides. That is why the problem happens.

You can easily repair it with the following PowerShell script.

Code Block
languagepowershell
firstline1
titlerepair web.config
linenumberstrue
collapsetrue
#http://mvolo.com/anatomy-of-an-iis7-configuration-path/
[settings]$dualconf = Get-Content Settings.xml

foreach( $item in $dualconf.settings.list.item) 
{
if($item.protected -eq "yes"){
$metapath = $item.path -replace "/LM/W3SVC/1/Root/", "MACHINE/WEBROOT/APPHOST/Default Web Site/"
# write-host $metapath 
Enable-WebGlobalModule -Name "DasIIS7Native" -PSPath $metapath
}

}

" file, hence cause the settings for the DualShield IIS agent to  be lost.  

You can restore the DualShield IIS Agent settings in 2 ways, manually or by a PowerSheel script.

Manual

This has to be done on every IIS node that is enabled with DualShield 2FA. Let's use OWA as an example. In Ithe IS Manager, navigate to the OWA node:

Image Added

Right Under the hood, it will add back the module called "DasIIS7Native" into web.config file. For instance, you have owa node enabled with DualShield 2FA. In IIS Manager, locate the owa node, right click it, then choose "Explore"

Image Removed

It will bring take you to the physical folder, C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa. Open

Now, open web.config , you should see in a text editor, find the <modules> tag and insert <add name="DasIIS7Native" in the modules list, as shown in the sample below./> into the tag, e.g:

<modules>
<add name="DasIIS7Native"/>
</modules>

Below is a complete sample:

Code Block
languagexml
firstline1
titleweb.config sample
linenumberstrue
collapsetrue
<?xml version="1.0" encoding="UTF-8"?>
<configuration
<!-- .... -->
<configSections>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</configSections>
<location inheritInChildApplications="false">
<system.webServer>
<serverRuntime appConcurrentRequestLimit="65535" uploadReadAheadSize="0"/>
<modules>
<add name="DasIIS7Native"/>
<!-- .... -->
</modules>
</system.webServer>
</location>
<!-- .... -->
</configuration>

PowerShell Script

Code Block
languagepowershell
firstline1
titlerepair web.config
linenumberstrue
collapsetrue
#http://mvolo.com/anatomy-of-an-iis7-configuration-path/
[settings]$dualconf = Get-Content Settings.xml

foreach( $item in $dualconf.settings.list.item) 
{
if($item.protected -eq "yes"){
$metapath = $item.path -replace "/LM/W3SVC/1/Root/", "MACHINE/WEBROOT/APPHOST/Default Web Site/"
# write-host $metapath 
Enable-WebGlobalModule -Name "DasIIS7Native" -PSPath $metapath
}

}