IIS Manager Bad Data. 0x80090005

16

When I tried to set Physical Path Credentials in the Advanced Settings, I've got an error message as follows:

Internet Information Services (IIS) Manager

Bad Data. (Exception from HRESULT: 0x80090005)

And it prevents me to set specific user to access network shared folder.

Strangely, I have another server with same configuration, it works fine but this one raised the error. Any idea?

security
iis-7
asked on Stack Overflow Feb 24, 2010 by San • edited Feb 24, 2010 by Jim Counts

4 Answers

10

if you copied over the applicationhost.config, you need to export and import also accounts encrypted through WAS.

What i did (taken from here):

Export:

aspnet_regiis -px "iisConfigurationKey" "D:\iisConfigurationKey.xml" -pri 
aspnet_regiis -px "iisWasKey" "D:\iisWasKey.xml" -pri 

Import:

aspnet_regiis -pi "iisConfigurationKey" "D:\iisConfigurationKey.xml" 
aspnet_regiis -pi "iisWasKey" "D:\iisWasKey.xml"

then copy again the applicationhost.config working again!

answered on Stack Overflow Jun 14, 2012 by Mathieu Chateau
5

I have seen that problem when the encryption keys have been misconfigured, usually because an ApplicationHost.config was copied from a different machine (without importing the encryption keys) or the encryption keys have been override incorrectly.

The reason you get that error is because whenever a password is stored (such as a virtual directory user/pwd) it is stored using encryption and that will cause it to fail.

0

Thanks to a good answer by Mathieu Chateau, I discovered that the applicationHost.config file can be edited manually to avoid the need to export and import the machine key used for the encoding. I just manually set all the app pool identities to the default app pool identity like so:

<add name="local.com">
    <processModel identityType="ApplicationPoolIdentity" loadUserProfile="true" setProfileEnvironment="false" />
</add>

I refreshed the list of app pools in the IIS manager UI, and all seemed to work just fine, including the ability to edit the app pool settings for another identity. I would expect that any other change to the properties would work fine as well.

answered on Stack Overflow May 14, 2013 by Ben Collins
0

Simple fix for me: If you are using a shared configuration for IIS, re-add the user credentials for the network location where the applicationHost file is shared. This will remove the previously encrypted credentials from the config file and replace it with the updated one.

You can also remove the encrypted field from the applicationHost file manually, e.g:

        <add name="site.com" autoStart="true" enable32BitAppOnWin64="true" managedRuntimeVersion="v4.0" startMode="AlwaysRunning">
            <processModel identityType="SpecificUser" userName=".\username" password="[enc:IISWASOnlyAesProvider:IIasdfasd225223xxx:enc]" />
        </add>
answered on Stack Overflow Nov 21, 2016 by DoComputing

User contributions licensed under CC BY-SA 3.0