Iis500 error is caused by a Microsoft Bug. The solution is as follows:
The internal HTTP 500 error is mainly caused by the wrong password of the IWAM account (my computer is the iwam_myserver account.
Before analyzing the cause of an internal error in http500 in detail, let's give a brief introduction to the IWAM account: the IWAM account is a built-in account automatically created by the system when iis5 is installed, it is mainly used to start applications outside the process.Program. The name of the IWAM account varies depending on the NetBIOS name of each computer. The common format is iwam_machine, it is composed of the prefix "IWAM", the connection line "_", and the computer's NetBIOS name. My computer's NetBIOS name is myserver, so the IWAM account name on my computer is iwam_myserver, which is very similar to the way in which the IIS Anonymous Account isur_machine is named.
After the IWAM account is created, it is used by the Active Directory, IIS metabase database, and COM + applications. The account and password are respectively saved by the three parties, the operating system is responsible for synchronizing the IWAM password stored by the three parties. We can rest assured that the work undertaken by the operating system does not have to worry about errors, but we do not know whether it is a bug or another reason. The system sometimes fails to synchronize the password of the IWAM account, the password used by the third-party IWAM account is inconsistent. When IIS or COM + applications use the wrong IWAM password to log on to the system and start IIS Out-of-process pooled applications, the system rejects this request due to a wrong password, this causes IIS Out-of-process pooled applications to fail to start, that is, the "cannot run server {3d14228d-fbe1-11d0-995d-00c04fd919c1}" we see in the id10004 error event (here {token} is the key of IIS Out-of-process pooled applications ), it cannot be transferred to the iis5 application. An internal HTTP 500 error occurs.
Iii. Solution
Knowing the cause of an internal error in HTTP 500 makes it easy to solve the problem, that is, manually synchronize the password of the IWAM account in Active Directory, IIS metabase database, and COM + applications.
You must log on to the computer as an administrator in three steps to provide sufficient operation permissions (IWAM uses iwam_myserver as an example ).
(1) change the password of the iwam_myserver account in Active Directory
Because the password of the IWAM account is controlled by the system and generated randomly, we don't know what it is. To complete the password synchronization in the following two steps, we must set the password of the IWAM account to a value we know.
1. Choose Start> program> Administrative Tools> Active Directory users and computers to start the Active Directory users and computers Management Unit.
2. Click "user", select "iwam_myserver" on the right, right-click and select "Reset Password (t )... ", in the Reset Password dialog box that appears, set a new password for iwam_myserver. Here we will set it to" aboutnt2001 "(without quotation marks). OK, wait until the password is successfully modified.
(2) synchronize the password of iwam_myserver account in IIS metabase
This change may be too sensitive and important. Microsoft did not provide an explicit user interface for us to modify the iwam_myserver account password in IIS metabase, and only provided a management script adsutil with iis5. vbs. The script is located in the C: \ Inetpub \ adminscripts subdirectory (the location may vary depending on the settings you set when installing iis5 ).
The adsutil. vbs script has powerful functions, many parameters, and complex usage. Here we only provide the method to use this script to modify the iwam_myserver account password:
Adsutil set w3svc/wamuserpass Password
The "password" parameter is the new password of the IWAM account to be set. Therefore, the command to change the password of iwam_myserver in IIS metabase to "aboutnt2001" is:
C: \ Inetpub \ adminscripts> adsutil set w3svc/wamuserpass "aboutnt2001"
After the modification is successful, the system prompts the following:
Wamuserpass: (string) "aboutnt2001"
(3) password of iwam_myserver used to synchronize COM + applications
The iwam_myserver password used to synchronize COM + applications. You can choose either the component service MMC management unit or the IWAM account synchronization script synciwam. vbs.
1. Use the component service MMC Management Unit
(1) Start the Component Service Management Unit: Choose Start> RUN> MMC to start the management console and open the Add/delete Management Unit dialog box, add the Component Service Management Unit.
(2) choose component service> Computer> my computer> COM + application> out-of-process pooled applications ", right-click "out-of-process pooled Applications"-> "properties ".
(3) switch to the "sign" tab in the "out-of-process pooled Applications" attribute dialog box. "This application runs under the following accounts" and "this user" is selected, with the username "iwam_myserver ". These are all default values and do not need to be modified. Enter the correct password "aboutnt2001" in the "password" and "Confirm Password" text boxes below to exit.
(4) If the system prompts "the application is created by more than one external product. Are you sure you want to be supported by these products ?" .
(5) If we set "application protection" for some other web pages in IIS to "high (independent )", the IWAM account and password of the COM + application used by the web must also be synchronized. Repeat Step (1)-(4) To synchronize the IWAM account and password of the corresponding out of Process application.
2. Use the IWAM account synchronization script synciwam. vbs
In fact, Microsoft has discovered that the IWAM account has problems in password synchronization. Therefore, in the iis5 management script, a script synciwam is written separately for the IWAM account and password synchronization. vbs. The script is located in the C: \ Inetpub \ adminscripts subdirectory (the location may vary depending on the settings you set when installing iis5 ).
Synciwam. vbs script is easy to use:
Cscript synciwam. vbs [-v |-H]
The "-V" parameter indicates that the entire script execution process is displayed in detail (recommended), and the "-h" parameter is used to display simple help information.
To synchronize the password of the iwam_myserver account in the COM + application, Run "cscript synciwam. vbs-V" as follows:
Cscript c: \ Inetpub \ adminscripts \ synciwam. vbs-V
Microsoft (r) Windows Script Host version 5.6
Copyright (c) Microsoft Corporation 1996-2000. All rights reserved.
Wamusername: iwam_myserver
Wamuserpass: aboutnt2001
IIS applications defined:
Name, appisolated, package ID
W3SVC, 0, {3d14228c-fbe1-11d0-995d-00c04fd919c1}
Root, 2,
IISHelp, 2,
IISADMIN, 2,
Iissamples, 2,
MSADC, 2,
Root, 2,
IISADMIN, 2,
IISHelp, 2,
Root, 2,
Root, 2,
Out of process applications defined:
Count: 1
{3d14228d-fbe1-11d0-995d-00c04fd919c1}
Updating applications:
Name: IIS Out-of-process pooled applications key: {3d14228d-fbe1-11d0-995d-00c04fd919c1}
From the execution of the above script, we can see that using synciwam. vbs scripts is more comprehensive and fast than using component services. It first finds the IWAM account "iwam_myserver" from the metabase database of IIS, obtains the corresponding password "aboutnt2001", and then finds all the defined IIS applications and out of process applications, and synchronize the IWAM account and password of each out of process applications application one by one.
When using the synciwam. vbs script, you must ensure that the IIS metabase database and the IWAM password in Active Directory are consistent before running synciwam. vbs. Because synciwam. the vbs script obtains the IWAM account password from the IIS metabase database rather than from the Active Directory. If the password in IIS metabase is incorrect, synciwam. the password obtained by vbs is incorrect. When the synchronization operation is performed on "Updating Applications", the system reports a 80110414 error, that is, "The application {3d14228d-fbe1-11d0-995d-00c04fd919c1} cannot be found }".
Now, the password of the IWAM account in Active Directory, IIS metabase database, and COM + application has been synchronized successfully, and your ASP program can run again!