Tuesday, July 4, 2017

IIS Broken After June 2017 Windows Updates

Since installing a few updates at the end of June, we ran into a problem with a couple IIS servers. Because there's a lot of information on these issues I wanted to add this to the search results as a recent fix for the troubles.

When you Browse to the IIS server, you may end up with the following, though the TL;DR are:

The webpage throws a Runtime or Compile error and Event ID 1310:

Exception message: (0): error CS0016: Could not write to output file 'c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\rdweb_pages\decbd09c\9f1642a3\App_Web_default.aspx.cdcab7d2.j7qh1wlj.dll' -- 'Access is denied. '





Server Error in '/RDWeb/Pages' Application.

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. 

Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off".

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.



Digging into the Event Logs could turn up ASP.NET 4.0.30319.0 Event ID 1310:



Event code: 3007 
Event message: A compilation error has occurred. 
Event time: 7/4/2017 8:56:03 AM 
Event time (UTC): 7/4/2017 12:56:03 PM 
Event ID: 8d578fa9db4f4970ba896082d04a3b00 
Event sequence: 8 
Event occurrence: 1 
Event detail code: 0 

Application information: 
    Application domain: /LM/W3SVC/1/ROOT/RDWeb/Pages-1-131436465628738577 
    Trust level: Full 
    Application Virtual Path: /RDWeb/Pages 
    Application Path: C:\Windows\Web\RDWeb\Pages\ 
    Machine name: CAGVSSE01 

Process information: 
    Process ID: 12716 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 

Exception information: 
    Exception type: HttpCompileException 
    Exception message: (0): error CS0016: Could not write to output file 'c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\rdweb_pages\decbd09c\9f1642a3\App_Web_default.aspx.cdcab7d2.j7qh1wlj.dll' -- 'Access is denied. '
   at System.Web.Compilation.AssemblyBuilder.Compile()
   at System.Web.Compilation.BuildProvidersCompiler.PerformBuild()
   at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath)
   at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
   at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
   at System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean throwIfNotFound)
   at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
   at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
   at System.Web.HttpApplication.MaterializeHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)



Request information: 
    Request URL: https://remoteapp.________.ca:443/RDWeb/Pages/Default.aspx 
    Request path: /RDWeb/Pages/Default.aspx 
    User host address: 72.143.63.10 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 

Thread information: 
    Thread ID: 10 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    at System.Web.Compilation.AssemblyBuilder.Compile()
   at System.Web.Compilation.BuildProvidersCompiler.PerformBuild()
   at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath)
   at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
   at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
   at System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean throwIfNotFound)
   at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
   at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
   at System.Web.HttpApplication.MaterializeHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)


Custom event details: 



The updates in question were:
  • Microsoft .NET Framework 4.7 for Windows 8.1 and Windows Server 2012 R2 for x64 (KB3186539(
  • 2017-06 Security Monthly Quarterly Rollup for Windows Server 2012 R2 for x64-based Systems (KB4022726)
but for reference, also installed were:
  • Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - June 2017 (KB890830)
  • Security Update for Microsoft Silverlight (KB4023307)
Impacted servers were Microsoft Windows Server 2012 R2 x64 VMs.


The solution as I found it was to do the following:

The caveat however, is that I have confirmed with one of the impacted servers the following setting isn't how it was set before the update.

1. Launch IIS Manager:


2. Open Server then Application Pools

Locate the app pool that's giving you grief and right-click and choose "Advanced Settings".


3. Change "Load User Profile" to "True".



4. Stop and Start the changed pools





9 comments:

  1. https://coltsvs-rams.org/

    https://coltsvs-rams.org/

    https://coltsvs-rams.org/


    https://seahawks-vspackers.org/

    https://seahawks-vspackers.org/

    https://seahawks-vspackers.org/

    ReplyDelete