How to modify metabase.xml to resolve MOSS security error after installing with Kerberos option ?

After installing MOSS 2007 the administration website works, but the sites create after gives security error. The installation is done using Kerberos option. In order to enable Kerberos for SharePoint is configure Service Principle Names (SPNs) for your SharePoint service accounts in Active Directory. Now the following script is ran to make the website work with Kerberos.

C:\Inetpub\AdminScripts>Cscript adsutil.vbs set w3svc/1720207907/root/NTAuthenticationProviders “Negotiate,NTLM”

This script modify the ‘C:\WINDOWS\system32\inetsrv\metabase.xml’ file. When ran the above script it added double quote twice as show below for that website. So both Kerberos and NTML is disabled.

<IIsWebVirtualDir Location =”/LM/W3SVC/418342199/Root” AccessFlags=”AccessExecute | AccessRead | AccessScript”
AppFriendlyName=”Root”
AppIsolated=”2″
AppPoolId=”SharePoint Central Administration v3″
AppRoot=”/LM/W3SVC/418342199/Root”
AuthFlags=”AuthNTLM”
ContentIndexed=”FALSE”
DoDynamicCompression=”TRUE”
DoStaticCompression=”TRUE”
HttpCustomHeaders=”X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.4518″
NTAuthenticationProviders=””Negotiate,NTLM””
Path=”C:\Inetpub\wwwroot\wss\VirtualDirectories\43578″
Realm=”domain.com.au”

To fix the above issue run the above command without double quote.

C:\Inetpub\AdminScripts>Cscript adsutil.vbs set w3svc/1720207907/root/NTAuthenticationProviders Negotiate,NTLM

Diganta Kumar is an experienced Technical Program Manager with a passion for technology. He has architected and developed software for over a decade for a broad range of industries. Diganta is a founder of two online IT businesses. He likes to help, mentor, and manage software development teams to improve and produce great software. He currently works as a Principal Program Manager for Microsoft. Before joining Microsoft, he was with AWS for five years, where he managed large cross-functional programs on a global scale.

Posted in SharePoint

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.