Jump to content

  • 0

how can I setup ISS for SCCM 2007 in Windows Server 2008


Part 1. Add the Web Server role to Windows Server 2008


This guide assumes that you have first installed Windows Server 2008 and configured it for Active Directory (AD) and setup a working DHCP server. Steps 1 and 2 of this guide will show you how to setup and configure both the AD role and the DHCP role. Once done you can continue below.


If you would like to read the Official Microsoft documentation for setting up IIS with Webdav then please read this



Add the Web Server role (IIS 7) to Windows Server 2008.


Click on Start, choose Server Manager, scroll down to Roles Summary and choose Add roles




at the Before you begin page, click next




in the Server Roles page, click on Web Server IIS




a window will appear notifying you that some required features also need to be installed


click on Add required features




at this point you can now click on Next in the Server roles page...




you'll get an Introduction about Web Server IIS and how it integrates with Windows Server, click next to continue




now we have to select the role services to install for IIS


under Application Development place a checkmark in ASP.NET


an additional window will pop up telling us that the following roles and features are also installed


Application Development

ISAPI Extensions

ISAPA Filters

.NET Extensibility


Windows Process Activation Service

.NET Environment


click on Add Required Role Services




Click on Next when done


review the confirmation screen and click Install to continue




Once done review the results pane




click Close to exit


The Web Server (IIS) role should now appear in Server Manager Roles Summary.




if you open a web-browser and enter the following address http://localhost you should see the nice IIS 7 welcome screen



Share this post

Link to post
Share on other sites

Recommended Posts

  • 0

Part 2. Download and install Webdav for IIS 7



Note: If you are using Server 2008 R2 which has Webdav 7.5 then read this post first




An important note from Microsoft:-


Enabling WebDAV and modifying the requestFiltering section for the Web site increases the attack surface of the computer. Enable WebDAV only when required for management points and BITS-enabled distribution points. If you enable WebDAV on the default Web site, it is enabled for all applications using the default Web site. If you modify the requestFiltering section, it is modified for all Web sites on that server. The security best practice is to run Configuration Manager 2007 on a dedicated Web server. If you must run other applications on the Web server, use a custom Web site for Configuration Manager 2007. For more information, see Best Practices for Securing Site Systems.


pick your version below


Microsoft WebDAV Extension for IIS 7.0 (x64)




Microsoft WebDAV Extension for IIS 7.0 (x86)




Accept the license agreement and let it install itself




Once we have installed Webdav, we need to Enable WebDAV Publishing Using the IIS Manager.




Enabling WebDAV Publishing Using the IIS Manager.



Startup IIS Manager and in the Connections pane, expand the Sites node in the tree, then click the Default Web Site, then double-click the WebDAV Authoring Rules icon.





Click enable webdav in the Actions pane on the right side




Once you've clicked it it will then say 'Disable webdav' so be sure not to click there again, now we need to click the Add Authoring Rule task in the Actions pane and set your options as below




That's it, you've now enabled WebDAV authoring in IIS 7. We will return to Webdav later in the guide, if you want to do them now then read Step 1 of this post or just continue with the below as we will get to it later anyway.

Share this post

Link to post
Share on other sites

  • 0

Part 3. Verify that you have Authorization and Authentication configured


In IIS Manager, click on Default Web Site in the left pane, and choose the Authentication icon under IIS.




in this example (default install of IIS 7 in Windows Server 2008) we can see the following Authentication types are installed


Anonymous Authentication - Enabled

ASP.NET Impersonation - Disabled

Forms Authentication - Disabled




We want to add Basic Authentication and Windows Authentication to proceed further. To do this Click on Server Manager and scroll down to Roles Summary.




Click on Web Server (IIS) and scroll down to Role Services.




In this example both Basic and Windows Authentication are not installed, so let's install them. click on Add role services in the actions pane to the right.




scroll down to security and put a check mark in Basic and Windows Authentication, click next.




confirm your selections




and click install, once done you'll see a results screen




At this point you can close the IIS server manager, restart the World Wide Web Publishing Service service (W3SVC) and go back into the IIS server manager, when you click on Default Web Site now and the Authentication icon, you should see the two new authentication methods added.




Right click on Windows Authentication and choose Enable (Note: You can use Basic Authentication with WebDAV, but the WebDAV redirector will only use Basic Authentication with SSL connections, so we will not be using it here, I just installed it so that you were aware of it.)






In IIS Manager, click the Default Web Site under the Sites node in the tree, Double-click the Authorization rules icon.



NOTE: if (like me) you do not see the Authorization rules icon (feature) then go back into Server Manager, select Roles, Select Web Server (IIS), select Roles services and scroll down to Security, check if URL Authorization is installed, if it is not installed, click on Add role Services in the right pane and install it,








then restart the Internet Information Services (IIS) Manager. The icon (feature) should now appear....




When the Authorization feature opens, make sure that an Allow rule is defined that includes the administrator account. IE: the default rule for IIS allowing access to All Users will include the administrator account.




you can now test logging into your WebDav site using your administrator account by opening a command prompt and typing this


net use * http://localhost/


after a few moments you should see a result like this


C:\Users\Administrator>net use * http://localhost/

Drive Z: is now connected to http://localhost/.


The command completed successfully.


If you don't see the above, for example if you get a an error like this


"System error 67 has occurred." The network name cannot be found.


then install the Desktop Experience Feature using the Add Features Wizard) reboot the server and try again. The reason we need the Desktop Experience feature installed in Server 2008 is because it will install the Webclient service which is required for this.



Note: if you now get a new error which states



System error 1920 has occurred. The file cannot be accessed by the system.



Then you must open up IIS Manager, click on Default Web Site, and go into the WebDav Authoring Rules and add the current user you are attempting to do this as (eg: add user DOMAIN\user). See below screenshot.




Tip: for a list of webdav errors and solutions to resolving them see this page


so now we have mapped drive Z: to the WebDav site, using the administrator account and using the authorization rules we setup above, we have read/write/source acccess to the directory.

Share this post

Link to post
Share on other sites

  • 0

Part 4. Install the IIS 6 Management compatibility


Open Server Manager, select Roles, Select Web Server (IIS), select Roles services and scroll down to Management Tools, check if IIS 6 Management Compatibility is installed, if it is not installed, click on Add role Services in the right pane and install it.




click next to confirm the install, and then Install.








Part 5. Install the BITS Server Extensions


Open Server Manager, select Features




click on Add Features, and placed a checkmark in the BITS Server Extensions box




when the 'add role services required for BITS Server Extensions' query comes up, click on Add required role services




click next to proceed




you'll get an IIS introduction, click next




review the new choices it's made for you and click next




confirm the selections it made, and click install




finally you should see BITS installation successful






Part 6. Add ASP (required for ConfigMgr Reporting Point to function)


Open Server Manager, select Roles, Select Web Server (IIS), select Roles services and scroll down to Application Development, verify that ASP is installed, if it isn't, install it.







The following Web Server role services should be installed.


IIS Role Services


Web Server

Common HTTP Features

Static Content

Default Document

Directory Browsing

HTTP Errors

HTTP Redirection


Application Development


.NET Extensibility


ISAPI Extensions

ISAPI Filters


Health and Diagnostics

HTTP logging

Logging tools

Request Monitor




Basic Authentication

Windows Authentication

URL Authorization

Request Filtering

IP and Domain Restrictions



Static Content Compression


Management Tools

IIS Management Console

IIS Management Scripts and Tools

Management Service

IIS 6 Management Compatibilty

IIS 6 Metabase Compatibility

IIS 6 WMI Compatibility

IIS 6 Scripting Tools

IIS 6 Management Console

Share this post

Link to post
Share on other sites

  • 0
Guest itismike

Hi anyweb,


We followed your guide to install and configure SCCM a few months ago. Now we are attempting to build another similar environment, but you've moved on! Is there any place I can look to find the original steps to configure things based on Server 2003 with IIS 6?

Share this post

Link to post
Share on other sites

  • 0
Guest itismike

It does! Thank you for the immediate reply! Are the other steps for the rest of the 2003 SCCM configuration available somewhere or do you just recommend extrapolating the steps from the 2008 guides?

Share this post

Link to post
Share on other sites

  • 0

just use the 2008 guides i have, it should be pretty much the same,. if you run into any problems raise a new post here and we'll deal with it

Share this post

Link to post
Share on other sites

  • 0
Guest itismike

Still running into problems following the 2008 guides. I remember we created accounts for SMS_SiteSystemToSiteServerConnection_xxx. Was that covered in the 2003 guide but not in the 2008 guide? Isn't it still necessary?

Share this post

Link to post
Share on other sites

  • 0

Hey Brother,


I read you step be step guide to installing sccm on server 2008. After installing the webdav and testing with the "net use * http://localhost" i get a


System error 67 has occured.

The Network name is cannot be found.


I can browse to the localhost perfectly. I just get this when I test. I tried playing with the permissions but still nothing. Please help?


Thank You friend,



Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...