We have to follow IIS compliance for Dynamics CRM in one of the client projects. But when we follow a few of the configurations, it stops CRM from working (mostly the CRM page does not load). I want to know whether those settings are not supported, and what the recommended settings are.
1. Configure Global Authorization Rule to Restrict Access. At web site or application level, verify that the authorization rule: Remove the "Allow All Users" rule.
Issue: After removing "All users", CRM stops loading.
2. Configure Global .NET Trust Level. In the features view, double click .NET Trust Levels; and on the .NET Trust Levels page, verify that Medium (web_mediumtrust.config) is selected in the Trust Level dropdown.
Issue: CRM does not work with Medium Trust.
3. Unlisted extensions and verbs should be disallowed.
   - Open IIS Manager.
   - In the Connections pane on the left, select the server to be configured.
   - Double click on ‘Request Filtering’.
   - Click on ‘Edit Feature Settings’ in the Actions pane.
   - Uncheck the following: ‘Allow unlisted file name extensions’, ‘Allow unlisted verbs’, ‘Allow high-bit characters’.
   - Click ‘Ok’.
   - Click on the ‘HTTP Verbs’ tab.
   - Click on ‘Allow Verbs’ in the Actions pane.
   - Insert ‘GET’ and click ‘OK’.
   - Repeat for ‘HEAD’ and ‘POST’.
   - Click on the ‘File Name Extensions’ tab.
   - Click on ‘Allow File Name Extension’.
   - Insert the respective extensions and click ‘OK’.
Issue: CRM loads with error.
4. Lock down Encryption Providers. To remove read access to the IIS_IUSRS security group on a system using .NET Framework v2.0: Open an elevated command prompt; run the following aspnet_regiis.exe command:
%systemroot%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pr iisWasKey IIS_IUSRS
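An added example, not part of the original post: one way to find which verbs and file extensions the allow-lists from step 3 are rejecting is to read the IIS W3C log, where request filtering rejections appear as 404 with substatus 6 (verb denied), 7 (file extension denied) or 12 (high-bit characters). The log lines and paths below are constructed, and the script assumes the log includes the `cs-method`, `cs-uri-stem`, `sc-status` and `sc-substatus` fields.

```python
import os
from collections import Counter

# 404 substatus codes written by IIS request filtering.
REASONS = {"6": "verb", "7": "extension", "12": "high-bit"}

# Constructed sample log, not taken from a real server.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem sc-status sc-substatus
2024-01-01 10:00:00 GET /app/default.aspx 200 0
2024-01-01 10:00:01 GET /app/site.css 404 7
2024-01-01 10:00:01 GET /app/main.js 404 7
2024-01-01 10:00:02 GET /app/theme.css 404 7
2024-01-01 10:00:03 PUT /app/data.svc 404 6
2024-01-01 10:00:04 GET /app/missing.aspx 404 0
"""


def blocked_by_request_filtering(log_text):
    """Count requests rejected by request filtering, keyed by (reason, value)."""
    fields, hits = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column order comes from the log header, so it can differ per server.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if row.get("sc-status") != "404":
            continue
        reason = REASONS.get(row.get("sc-substatus"))
        if reason == "verb":
            hits[("verb", row["cs-method"])] += 1
        elif reason == "extension":
            ext = os.path.splitext(row["cs-uri-stem"])[1].lower() or "(none)"
            hits[("extension", ext)] += 1
        elif reason == "high-bit":
            hits[("high-bit", row["cs-uri-stem"])] += 1
    return hits


if __name__ == "__main__":
    for (reason, value), count in blocked_by_request_filtering(SAMPLE_LOG).most_common():
        print(f"{reason:10} {value:12} {count}")
```

The extensions and verbs it reports are the candidates to review against the allow-lists before deciding whether to add them.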