You'll need to enable write permissions to the scripts directory.. The = IIS Lockdown tool changes the default permissions to read-only. -----Original Message----- From: george.wasgatt@xxxxxxxxxxxx [mailto:george.wasgatt@xxxxxxxxxxxx] Sent: Tuesday, October 08, 2002 11:52 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] IISLOCK and STA I installed IISLOCK on my STA server and promptly broke STA. I was not surprised since I broke OWA that way last year. I looked in the Thin = Net archives and found the following from Drazen Vidokovic. Unchecking the 'Writing to Content Directories' in IISLOCK fixed the problem. SO = thanks for the help. I was curious about the article referenced as being 'on Citrix user group'. What's that and where can I find it. -------------------------------------------------------- There is an article about that on Citrix user group from Edward R. Chu I followed what he wrote and I have it working. After much = experimentation, I found the answer to my own question. Here it is for any readers. = Assuming that you have a dedicated STA server and don't want to use the IIS for = any other purpose, you need to run IISLockD and choose the following items:=20 1) Choose the "Other" template. This basically means custom.=20 2) Allow only the base web service.=20 3) Check ALL the script maps. STA doesn't appear to use ANY scripts at = all.=20 4) In "Additional security" check everything except the Scripts virtual directory (STA puts a config file and a .DLL in this folder) and = "writing to content directories" (I'm guessing STA needs to write its tickets to a folder). 5) You can install URLScan with all default settings. Like I said, STA doesn't use any scripts so you can lock this down severely if you want. Drazen=20 ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm