Guest learner Posted November 27, 2007 Posted November 27, 2007 Permissions and auditing on the metabase file (%systemroot%system32\inetsrv\metbase.xml or metabase.bin) on all our web servers must be set so that the local IUSR_ and IWAM_ accounts are explicitly denied ALL permissions and all failure events are captured to the Security log. I modify these settings accordingly on several boxes but when I run an audit (within 10 minutes of modification) to verify, all permission and audit settings have reverted back to previous settings. According to our domain admins, there is no GPO doing this. Any ideas?
Recommended Posts