1. Download the IIS Lockdown Tool from the Microsoft’s Website:
   http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC

 

2. Remember: The PatchLink Update Server should be installed first.  Create an IISLock directory and use WinZip or another zip extracting utility to extract the files within the IIS Lockdown Tool. 

 

3. Once the files are extracted, open the urlscan dynamic.ini in notepad and allow the following http request: PUT, POST, HEAD, GET. 

 

4. Look for the [Deny Executables that could run the Server], please allow .exe so you can download the Update Agent Installers. 

 

5. Look for [AllowExtensions] and insert .aspx so the graphs will display in version 5.0

 

 

6. Once the “INI” file has been updated and saved, launch the iislockd.exe to launch the “Lockdown Wizard”. 

 

 

7. Accept the license agreement, click “Next”.

 

8. Select Server Template: Choose the template for “Dynamic Web Server” (ASP enabled).  

 

 

9. Internet Services: Ensure Web Service (HTTP) is selected and click next.

 

 

10. Script Maps: Verify that you do not disable script maps for “Active Server Pages” (asp). 

 

 

11. Additional Security: Choose the default virtual directories you wish to disable. 

 

  

12. URLScan: When you place a check mark in the “Install URLScan Filter on the Server” box, this will load the urlscan_dynamic.ini. 

 

 

13. Ready to Apply Settings: Click the “Next” Button to apply the settings.

 

 

14. Applying Security Settings:

 

 

 

15. Applying Security Settings: After the security settings have been applied, you can “View Report” and save for future reference.  Click the “Next” button.

 

 

 

16. Complete the IIS Lockdown Wizard by clicking the “Finish” button.

 

 

17. Once the Wizard has been completed, log into the PatchLink Update Web Interface ® Go to the Reports Menu ® Select the A-Deployment Test and Diagnostics Package ® Click the Update Cache to test the package download. 

 

 

18. The icon should change from   to , as you refresh the browser.  If the icon doesn’t change, contact PatchLink Support to further troubleshoot the package download.