Previous Topic: TroubleshootingNext Topic: Configure an SiteMinder Web Agent on an IIS 6.0 Web Server

Installation and Upgrade GuidesWeb Agent Installation Guide for IISTroubleshooting500 Error after Configuring Agent for IIS

500 Error after Configuring Agent for IIS

Symptom:

I configured the Agent for IIS, but I get a 500 error when I try to access a protected resource.

Solution:

All the application pool identities on IIS 7.5 web servers need permissions for the following SiteMinder items on the computer hosting the IIS web server:

Follow these steps:

  1. Navigate to (but do not open) the following file: 
    web_agent_home\config\SmHost.conf
  2. Right-click the previous file, and then select Properties.

    The SmHost.conf Properties dialog appears.

  3. Click the Security tab.
  4. In the Group or User Names pane, verify that SYSTEM is selected, and then click Edit.

    Note: If the User Account Control dialog appears, click Continue.

    The Permissions for SmHost.conf dialog appears.

  5. Click Add.

    The Select Users, Computers, or Groups dialog appears.

  6. Do the following steps:
    1. Click Locations.

      The Locations dialog appears.

    2. Click the name of your computer (in the top of the list), and then click OK.

      The Locations dialog closes and the name of your computer appears in the From this location: field.

    3. In the Enter the Object names to select field, enter the name of your application pool using the following format: 
      IIS AppPool\Application_Pool_Name

      For example, to add the default application pool, enter the following:

      IIS AppPool\DefaultAppPool
    4. Click Check Names, and then click OK.

      The Select Users, Computers, or Groups dialog closes. The Permissions for SmHost.conf appears with the Application Pool selected.

  7. Under the Allow list, select the following check boxes:
  8. Click OK.

    The Permissions for SmHost.conf dialog closes.

  9. Click OK.

    The SmHost.conf Properties dialog closes.

  10. Navigate to (but do not open) the following directory: 
    web_agent_home\log
  11. Right-click the previous directory, and then select Properties.

    Note: If the User Account Control dialog appears, click Continue.

  12. Repeat Steps 3 through 9.
  13. Navigate to (but do not open) the following directory: 
    web_agent_home\bin
  14. Right-click the previous directory, and then select Properties.

    Note: If the User Account Control dialog appears, click Continue.

  15. Repeat Steps 3 through 9.

    The application pool identities are granted permissions for the SiteMinder SmHost.conf file, \log directory, and \bin directories.