Vulscan Return codes

Description

What do the codes returned at the bottom of a vulscan.log mean?  "Exiting with return code 0x8db301b0"

Resolution

0xdb3 and 0x8db3 are the facility codes for the vulscan.exe agent.  If the the facility code starts with 8 after the 0x, then there was an error.  If it just starts with db3, then it's a success code.

The final 2 or 3 digits are hex values for the following decimal return codes.

IDS_PATCH_CLIENT_ALREADY_RUNNING 401

IDS_PATCH_SCAN_ONLY_COMPLETE 402

IDS_PATCH_SCAN_AND_REPAIR_COMPLETE 403

IDS_PATCH_CANT_GET_VUL_DATA 404

IDS_PATCH_NO_PATCHES_AVAILABLE 405

IDS_PATCH_CANT_RESOLVE_DEVICEID 406

IDS_PATCH_NOTHING_TO_REMOVE 407

IDS_PATCH_CANT_GET_REMOVE_INFO 408

IDS_PATCH_FAILED_DOWNLOAD 409

IDS_PATCH_COMMANDS_FAILED 410

IDS_PATCH_REMOVE_SUCCEEDED 411

IDS_PATCH_ALL_PATCHES_FAILED 412

IDS_PATCH_SOME_PATCHES_FAILED 413

IDS_PATCH_ALL_PATCHES_INSTALLED 414

IDS_PATCH_REMOVE_VULSCAN_SUCCEEDED 415

IDS_PATCH_REMOVE_VULSCAN_FAILED 416

IDS_PATCH_INSTALL_VULSCAN_SUCCEEDED 417

IDS_PATCH_FAILED_TO_ELEV_RIGHTS 418

IDS_PATCH_INVALID_COMMANDLINE 419

IDS_PATCH_CLEAR_SCAN_SUCCESSFUL 420

IDS_PATCH_RESET_SUCCESSFUL 421

IDS_PATCH_RESET_FAILED 422

IDS_PATCH_REBOOT_SUCCEEDED 423

IDS_PATCH_USER_CANCELLED 424

IDS_PATCH_SCRIPT_INIT_FAILURE 425

IDS_PATCH_FAILED_REGISTER_MSXML3        426

IDS_PATCH_USER_CANCELLED_ACTION 427

IDS_PATCH_USER_DEFERRED_ACTION 428

IDS_PATCH_ALL_STAGING_FAILED 429

IDS_PATCH_SOME_STAGING_FAILED 430

IDS_PATCH_ALL_PATCHES_STAGED 431

IDS_PATCH_CANT_GET_AGENT_BEHAVIOR 432

IDS_PATCH_SEND_RESULTS_FAILED 433

IDS_PATCH_SPYWARE_INIT_FAILED 434

IDS_PATCH_USER_CANCELLED_REBOOT 435

IDS_PATCH_USER_DEFERRED_REBOOT 436

IDS_PATCH_NOT_REBOOTED_YET 437

IDS_PATCH_UNKNOWN_PLATFORM 438

IDS_PATCH_UPDATE_SUCCEEDED 439

IDS_PATCH_UPDATE_FAILED 440

IDS_PATCH_CHANGESETTINGS_SUCCEEDED      441

IDS_PATCH_CANT_GET_AV_BEHAVIOR 442

IDS_PATCH_CANT_GET_CV_BEHAVIOR 443

IDS_PATCH_RUN_INVALID_ARGS 444

IDS_PATCH_RUN_COMPLETED 445

IDS_PATCH_RUN_FAILED 446

IDS_PATCH_INSTALL_LDAV_SUCCEEDED        447

IDS_PATCH_INSTALL_LDAV_FAILED 448

IDS_PATCH_REMOVE_OLD_AV_SUCCEEDED 449

IDS_PATCH_REMOVE_OLD_AV_FAILED 450

IDS_PATCH_CANT_GET_COMPLIANCE_BEHAVIOR  451

IDS_PATCH_AGENT_NOT_MINIMUM_VER 452

IDS_PATCH_REMOVE_LDAV_SUCCEEDED       453

IDS_PATCH_REMOVE_LDAV_FAILED 454

IDS_PATCH_INSTALL_HIPS_SUCCEEDED        455

IDS_PATCH_INSTALL_HIPS_FAILED 456

IDS_PATCH_REMOVE_HIPS_SUCCEEDED       457

IDS_PATCH_REMOVE_HIPS_FAILED 458

IDS_PATCH_CANT_GET_HIPS_BEHAVIOR        459

IDS_PATCH_INCOMPATIBLE_AV         500

IDS_PATCH_AV_XPSP2_NOT_FOUND 461

IDS_PATCH_AV_INSTALL_FAILED 462

IDS_PATCH_CANT_APPLY_FIREWALL_BEHAVIOR 463

IDS_PATCH_WAITING_FOR_USER_REBOOT 464

IDS_PATCH_DEFERRED 465

IDS_PATCH_FAILED_TO_DEFER 466

IDS_PATCH_NOT_ALL_PATCHES_SCANNED 467

IDS_PATCH_CANNOT_LOGON_USER 468

IDS_PATCH_CANT_GET_DCM_BEHAVIOR 469

IDS_PATCH_CANT_GET_CCM_BEHAVIOR 470

IDS_PATCH_CANT_GET_LDF_BEHAVIOR 471

IDS_PATCH_AV_W2K3SP2_NOT_FOUND 472

IDS_PATCH_INSTALL_LDAV_PENDING 473

IDS_PATCH_INSTALL_UDINSTALLER_FAILED    474

IDS_PATCH_REBOOT_COMMAND 475

IDS_PATCH_CANT_GET_REPLICATION_BEHAVIOR 476

IDS_PATCH_WAITING_FOR_REBOOT 477

IDS_PATCH_AV_PLATFORM_NOT_SUPPORTED 478

IDS_PATCH_AV_CANT_LAUNCH_SETUP 479

IDS_PATCH_AV_CANT_REMOVE_LEGACYAV       480

IDS_PATCH_AV_CANT_LAUNCH_UNINSTALL 481

IDS_PATCH_AV_SETUP_DOES_NOT_EXIST       482

IDS_PATCH_AV_CANT_CREATE_SETUPINI       483

IDS_PATCH_AV_KAVSETUP_FAILED 484

IDS_PATCH_AV_KAVSETUP_ALREADY_INSTALLED 485

IDS_PATCH_KAV_ALREADY_INSTALLED_REBOOT_PENDING 486

IDS_PATCH_AV_CANT_REMOVE_OLD_KAV        487

IDS_PATCH_AV_INSTALL_TASK_PENDING       488

IDS_PATCH_FAILED_WRITE_FILTER                  489

IDS_PATCH_PREREPAIR_FAILED                     490

IDS_PATCH_NOT_MAINT_WINDOW                     491

IDS_PATCH_APPLY_TRUSTED_FILES_FAILED    492

IDS_PATCH_BAD_OR_MISSING_POLICY_FILE    493

IDS_PATCH_FILE_INVALID_HASH                           494

IDS_PATCH_FAILED_APPLY_MAC_POWER        495

IDS_PATCH_REBOOT_NOT_NEEDED                           496

IDS_PATCH_CANT_REMOVE_AGENT_BEHAVIOR    497

IDS_PATCH_AV_CANT_INITIALIZE_KES     498

IDS_PATCH_REBOOT_NOT_ALLOWED                   499

IDS_PATCH_INCOMPATIBLE_AV                      500

IDS_PATCH_REBOOT_IGNORED_WSCFG32        502

IDS_PATCH_FAILED_WRITE_FILTER                  489

IDS_PATCH_PREREPAIR_FAILED                     490

IDS_PATCH_NOT_MAINT_WINDOW                     491

IDS_PATCH_APPLY_TRUSTED_FILES_FAILED    492

IDS_PATCH_BAD_OR_MISSING_POLICY_FILE    493

IDS_PATCH_FILE_INVALID_HASH                           494

IDS_PATCH_FAILED_APPLY_MAC_POWER        495

IDS_PATCH_REBOOT_NOT_NEEDED                           496

IDS_PATCH_CANT_REMOVE_AGENT_BEHAVIOR    497

IDS_PATCH_AV_CANT_INITIALIZE_KES     498

IDS_PATCH_REBOOT_NOT_ALLOWED                   499

IDS_PATCH_INCOMPATIBLE_AV                      500

IDS_PATCH_REBOOT_IGNORED_WSCFG32        502

How to:

You may want to know which files are downloaded from a preferred server or the core server, or any other computers either from HTTP or UNC.

Wireshark has some very powerful tools to determine a list of them with a lot of detailed information.

Step by Step:

For our example, let's say we want to know which files are distributed through UNC from the Core Server (IP address: 172.20.0.224);

1- Run a Wireshark trace from the Core Server

2- Determine how much data have been downloaded from each client through TCP protocol and through port 445 (Default port used by SMB/SMB2).

To do that, go in Wireshark > Statistics > Endpoints > "TCP" tab;

• Column "Address A": Clients
• Column "Address B": Core Server
• Column "Port B": Port 445 (SMB) used
• Column "Bytes": Number of bytes downloaded by each client
  

3- To see which files are downloaded from the Core Server via UNC, go in Wireshark > File > Export Objects > Choose SMB/SMB2 and you will see this;

• Column "Packet num": Reference of the packet (It will tell you which client IP is concerned if you go on this packet number as well by double-clicking the line)
• Column "Hostname" / Column "FileName": It gives you the root of the shared drive concerned and the rest of the path
• Column "Content Type": It gives you the full size of the file to be downloaded and also the percentage downloaded during the trace

NOTE: This is quite good, because you don't need to wait for the full load of the file from Core Server to the client to know which file is currently downloaded.

Conclusions:

You can also check which files are downloaded through Http as well by going in Wireshark > File > Export Objects > Choose HTTP

It will really help you to qualify the traffic transiting between 2 computers.

This document outlines the supported platforms for LANDESK Management Suite, including supported clients along with server and database requirements for all supported versions of LANDESK Management Suite.

	Supported:LANDESK Software has successfully tested and validated the operating system (OS) version with LANDESK Software. LANDESK provides full technical support for the LDMS components running on the OS.
	Supported with a patch:LANDESK Software has successfully tested and validated the operating system (OS) version with LANDESK Software. LANDESK provides full technical support for the LDMS components running on the OS, however an additional patch is required to enable support for the OS.
	Legacy: This involves installing an agent from a previous version of LANDESK on the OS and using it with current code. New features are not available and support is not offered for this method of device management.
*	Future Update: This column or row is informational and subject to change until release.

What is the End of Life for LANDESK Products

Please click here be referred to our main website for the most up-to-date product availability and support information for all LANDESK products.

Supported LANDESK Agent - Client Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Mac OS X 10.6.8	0 1	0	5	5	5	9	9
Mac OS X 10.7.5	0 1	0	0	0	5	5	9
Mac OS X 10.8.5	0 1	0	0	0	0	0	5
Mac OS X 10.9.x	9	1	0	0	0	0	0
Mac OS X 10.10.x	9	9	9	9	1	0	0
Windows 2000 Professional SP4	5	5	5	9	9	9	9
Windows XP Professional x32 SP3	0	0	0	0	0	0	5
Windows XP Professional x64 SP3	0	0	0	0	0	0	5
Windows Vista (32-bit) SP2 or higher	5	5	5	5	5	9	9
Windows Vista (64-bit) SP2 or higher	5	5	5	5	5	9	9
Windows 7 Professional/Enterprise/Ultimate x32	0	0	0	0	0	0	0
Windows 7 Professional/Enterprise/Ultimate x32 SP1	0	0	0	0	0	0	0
Windows 7 Professional/Enterprise/Ultimate x64	0	0	0	0	0	0	0
Windows 7 Professional/Enterprise/Ultimate x64 SP1	0	0	0	0	0	0	0
Windows 8 Professional/Enterprise x32	9	0	0	0	0	0	0
Windows 8 Professional/Enterprise x64	0 1	0	0	0	0	0	0
Windows 8.1 Professional/Enterprise x64	9	1	0 1	0	0	0	0
Windows 8.1 Update 1 Professional/Enterprise x64	9	9	9	0	0	0	0

Supported LANDESK Agent - Server Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
AIX 6.x x64 (PPC)	9	0 1	0 1	0 1	0 1	0 1	9
AIX 7.1 x64 (PPC)	9	0 1	0 1	0 1	0 1	0 1	9
CentOS 5 x32	0 1	0 1	0 1	0 1	0 1	0 1	9
CentOS 5 x64	0 1	0 1	0 1	0 1	0 1	0 1	9
CentOS 6 x32	0 1	0 1	0 1	0 1	0 1	0 1	9
CentOS 6 x64	0 1	0 1	0 1	0 1	0 1	0 1	9
CentOS 7 x64	9	9	9	9	9	0 1	9
HP-UX 11.11v1 / 11.23 PA RISC x64	0 1	0 1	0 1	0 1	9	9	9
HP-UX 11.31 PA RISC x64	0 1	0 1	0 1	0 1	0 1	0 1	9
HP-UX 11.23v2 /11.31 on Itanium x64	0 1	0 1	0 1	0 1	0 1	0 1	9
Red Hat Enterprise Linux Advanced Platform 5 x32/x64	0 1	0 1	0 1	0 1	0 1	0 1	9
Red Hat Enterprise Linux 6 x32/x64	0 1	0 1	0 1	0 1	0 1	0 1	9
Red Hat Enterprise Linux 7 x64	9	9	9	9	9	0 1	9
Solaris 10 (SPARC64/x86_64) with Update 8 or later	0 1	0 1	0 1	0 1	0 1	0 1	9
Solaris 11 (Sparcx64/x86_64)	9	9	9	9	0 1	0 1	9
SuSE Linux Enterprise Server 10 x32/x64	0 1	0 1	0 1	0 1	0 1	0 1	9
SuSE Linux Enterprise Server 11 x64	0 1	0 1	0 1	0 1	0 1	0 1	9
Windows Server 2003 Standard/Enterprise SP2 x32/x64	0	0	0	0	0	0
Windows Server 2003 R2/SP2 Standard/Enterprise x32/x64	0	0	0	0	0	0
Windows Server 2008 Standard/Enterprise SP2 x32/x64	0	0	0	0	0	0	9
Windows Server 2008 R2 Standard/Enterprise x64	0	0	0	0	0	0	9
Windows Server 2008 R2 Standard/Enterprise x64 SP1	0	0	0	0	0	0	9
Windows Server 2012 x64	0 1	0	0	0	0	0	9
Windows Server 2012 R2 x64	9	1 1	0 1	0	0	0	9
Windows Server 2012 R2 with Update x64	9	9	9	0	0	0	9

Supported LANDESK Agent - Embedded Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Windows Embedded Standard/Enterprise 2009	9	9	9	0	0	0	9
Windows Embedded Standard/Enterprise 7	9	9	9	0	0	0	9
Windows Embedded POSReady 2009	9	9	9	0	0	0	9
Windows Embedded POSReady 7	9	9	9	0	0	0	9
HP ThinPro	9	9	9	0	0	0	9

Supported LANDESK Mobile Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Android	0	0	0	0	0	0	0
iOS	0	0	0	0	0	0	0
Blackberry OS1	0	0	0	0	0	0	0
Windows Mobile 6 or Higher1	0	0	0	0	0	0	0

Supported LANDESK Console Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Windows XP SP3	0	0	0	0	0 1	0 1	9
Windows Server 2008 R2 Standard/Enterprise x64	0	0	0	0	0	0
Windows Server 2012 x64	9	9	9	0	0	9	9
Windows Server 2012 R2 Update 1 x64	9	9	9	0	0	0	0
Windows 7 x32 SP1	0	0	0	0	9	9	9
Windows 7 x64 SP1	0	0	0	0	0	0	0
Windows 8 Professional/Enterprise x64	0	0	0	0	0	0	9
Windows 8.1 Professional/Enterprise x64	9	9	0	0	0	9	9
Windows 8.1 Update 1 Professional/Enterprise x64	9	9	9	0	0	0	0

Supported LANDESK Core Server Operating Systems

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Windows Server 2008 R2 Standard/Enterprise x64 SP1	0	0	0	0	5 1	5 1	9
Windows Server 2012 R2 Update 1 Standard/Enterprise x64	9	9	9	9	0	0	0

Supported LANDESK Core Server Database

Database Management System	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
MS SQL Server Express 2005	5	5	5	5	9	9	9
MS SQL Server 2008	0	0	0	0	0	0	9
MS SQL Server Express 2008	0	0	0	0	0	0	9
MS SQL Server 2008 R2	0	0	0	0	0	0	9
MS SQL Server 2012	0	0	0	0	0	0	0
MS SQL Server 2012 Express	0	0	0	0	0	0	0
MS SQL Server 2014	9	9	9	9	0	0	0
Oracle Database 11g Release 2 (11.2.0.2)	0	0	0	0	5 1	5 1	9

LANDESK Management Suite and Cloud Services Appliance Compatibility

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
Cloud Services Appliance 4.0	0	0	0	5	9	9	9
Cloud Services Appliance 4.2	0	0	0	5	5	9	9
Cloud Services Appliance 4.3	0	0	0	0	0	0	0
Future Update*	9	9	9	0	9	0	0

LANDESK Management Suite and Asset Lifecycle Manager Compatibility

Operating Systems	9.5	9.5 SP1	9.5 SP2	9.5 SP3	9.6	9.6 SP1	Future Update*
ALM 5.01	0	0	0	9	9	9	9
ALM 5.06	0	0	0	0	0	0	0
ALM 6.01	0	0	0	0	0	0	0
ALM 6.02	0	0	0	0	0	0	0

LANDESK Management Suite and Service Desk Compatibility

Please refer to the following document for the most current information for details on compatibility and integration.

• Service Desk and LDMS Integration Compatibility Matrix

Asset Lifecycle Manager and Service Desk Compatibility

Service Desk Version	ALM 5.01	ALM 5.06	ALM 6.01
Service Desk 7.6 / 7.6.1	0	0	0
Service Desk 7.7.x	0	0	0
Next Version*	5	0	0

XTrace for LDMS 9.6 and newer

As of LDMS 9.6 all that is needed to enable XTrace verbose logging on client machines it to modify the following registry keys on the target client machine:

64-bit:

||HKLM|SOFTWARE|Wow6432Node|landesk|managementsuite|LogOptions

32-bit:

||HKLM|SOFTWARE|landesk|managementsuite|LogOptions

To enable the logging options change their value to "1", or back to "0" to disable the verbose logging. The keys you can modify to enable verbose logging are:

logInfo

logType

logVerbose

logXTrace

Once the logging options are enabled the existing logs for the various components will simply become more verbose instead of a new logs being generated. You will still gather the same logs you would have before.

XTrace for LDMS 9.5 and older

XTrace functionality is in the registry only.

To activate Xtrace manually create any or all of the following registry entries in the following location:

32Bit OS

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\XTrace]

64Bit OS

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Intel\\LANDesk\\XTrace]

Note: The registry entries should be a DWORD value with a "Value data" of 1

An executable that can automatically set these registry key values is attached here:

  LDDebugLogEnabler.zip

Note: The executable is not supported by LANDesk but is written independently by Jared Barneck.

The name of the XTrace log is the value name with a .xlg extension. This log file will show up in the same directory as the application that is being traced.

Note: To enable Xtrace for LANDesk Provisioning, the following method can be used:

1. Modify the Provisioning template
2. Add a Wait action as the first action in the OS Deployment section.  (5 to 10 minutes should be enough to make the changes to the registry)
3. Remote control the client and make the appropriate registry changes to turn on Xtrace.
4. After the template has finished, collect the XTRACE logs you have turned on.  These will end with a .XLG extension.

Purpose

This document outlines how to Trace Failed Requests in IIS. This can be useful in troubleshooting issues that involve IIS performance.

Table of Contents

• Enable Failed Requests Tracing in IIS
• Configure Failed Requests Tracing on Web Service
• Review Failed Request Logs

Enable Failed Requests Tracing in IIS

The following document provides steps for Server 2012 R2. For other operating systems, please refer to Microsoft's article on Trace Failed Requests.

• On the task-bar, click Server Manager.

• In Server Manager, click the Manage menu, and then click Add Roles and Features.

• On the Installation type page, select the installation type and click Next.

• In Server Selection, select the destination server and click Next.

• On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Health and Diagnostics, and then select Tracing. Click Next.

• On the Select features page, click Next.

• On the Confirm installation selections page, click Install.

• On the Results page, click Close.

Configure Failed Requests Tracing on Web Service

• On the task-bar, click Server Manager.

• In Server Manager, click Tools and then click Internet Information Services (IIS) Manager

• In the IIS Manager, expand the Website (LDMS Core name), expand Sites, expand Default Web Site, select the Web Service to be traced.

• With the Web Service selected, select Failed Request TracingRules

• In the Failed Request Tracing Rules, under the Actions section on the right, select Add.

• In the Specify Content to Trace window, select All Content (unless other settings are specified by technician). Click Next.

• In the Define Trace Conditions window, select Status Codes and enter the value of the codes to trace. Click Next.

Example: 200.1-299.9, 400.1-499.9.

• In the Select Trace Providers window, select all Providers(unless specified otherwise by a technician). Click Finish.

• In the Failed Request Tracing Rules, the newly created rule will be listed.

• The trace rule has been configured, but not enabled. Under Alerts on the right is a note that states this:

Failed request tracing is not enabled for this website. To enable logging of failed requests for this website, navigate to the website Home at the server scope in the IIS Manager and edit the Failed Request Tracing settings from the Actions pane.

• In the IIS Manager, expand the Website (LDMS Core name), expand Sites, select Default Web Site.

• Under Actions | Configure, select Failed Request Tracing

• In the Edit Website Failed Request Tracing Settings, select Enable. Click OK.
  • Directory can be modified if desired. Default outputs trace logs to: %SystemDrive%\inetpub\logs\FailedReqLogFiles
  • Maximum number of trace files can be modified if desired. Default is 50.

IIS Failed Request Tracing is now active on the web services that have trace rules configured. Transactions that meet the criteria defined in our rule will be logged.

Review Failed Request Logs

With failed request tracing enabled, files will populate the defined path in the Edit Website Failed Request Tracing Settings.

There will be a freb.xsl (this styles the xml when opened in Internet Explorer), and fr###.xml files. Open the *.xml file in Internet Explorer to review the trace information.

Example:

• "C:\inetpub\logs\FailedReqLogFiles\W3SVC1\fr000001.xml"
• "C:\inetpub\logs\FailedReqLogFiles\W3SVC1\freb.xsl"

LANDESK® Management Suite 9.6

The latest Service Pack for LANDESK Management Suite 9.6 is Service Pack 2, released May 15th, 2015. You can access the download links and related information about the Service Pack in the Downloads section:

Product Downloads

To download Service Pack 2, you must be logged into the LANDESK Community and be a customer with current maintenance or a LANDESK partner.

For information about Component Patches and updates, please see LDMS 9.6 Sustaining Patch Information

LANDesk® Management Suite 9.5

The latest Service Pack for Management Suite 9.5 is Service Pack 3, released October 6, 2014.  You can access the download links and related information about the service pack in the product downloads section:

Product Downloads

To download Service Pack 3, you must be logged into the LANDesk Community and be a customer with current maintenance or a partner.

For information about Component Patches and updates please see LDMS 9.5 Sustaining Patch Information

Have you added "*.landesk.com" to the Trusted Sites in Internet Explorer?

Without this action, installing service packs and/or patches may result in unexpected failures.
For detailed steps on performing this action see this article.

LANDesk® Management Suite 9

The latest Service Pack for Management Suite 9 is Service Pack 4, released March 8, 2013.  You can access the download links and related information about the service pack in the product downloads section:

Product Downloads

To download Service Pack 4, you must be logged into the LANDesk Community and be a customer with current maintenance or a partner.

Note: LANDesk Management Suite Service Pack 4 requires that Service Pack 3 be installed first. If you have not already installed SP3, you can find more information about it in the Product Downloads section above.

Older Downloads

Service Pack 2 Downloads

(Only the core patch should be run on the core server.  The console patch should not be run).

There is a version of Management Suite 9.0 that includes SP2 slipstreamed into the install.  You can access this download in two ways:

• From the product downloads section of the Self-Service Portal.
• From the Trial Download page.  (The trial download is a complete LDMS installation)

After installing SP2 on your core server, the server will need to reboot.  Once it starts up again, you need to reactivate the core using your activation credentials. If activating for a 45-day trial, select the option "Activate this core for a 45-day evaluation".

If LANDesk Asset Life-cycle Manager is also installed on the core server make sure that the "Core Server Activation" shortcut is selected to activate.

SP2 for TVT is slipstreamed into a full installation. It can be applied to TVT 9 or used for a new installation. The file can be downloaded from the product downloads section of the Self-Service Portal.  Because it is a zip file if *.landesk.com is not added as a trusted site file streams will be present on the contents of the zip.

An updated MAC agent will be released with in the next 30 days.  The MAC agent is currently being tested to verify the resolution of remaining issues.

LANDesk® Management Suite 8.8

The latest Service Pack for version 8.8 is Service Pack 4, released on April 30, 2010.
You can download and deploy the patches using the Patch Manager tool within your LANDesk console, or download the individual patches below.

8.8 SP4 Readme

Important Note: There is a known issue with softmon.exe in LANDesk Management Suite 8.8 SP4 ONLY. If you are installing SP4, please review the following article and apply the patch immediately after installing SP4 on the core server.

Softmon.exe with high CPU utilization after applying 8.8 SP4

LANDesk® Management Suite 8.7

The latest Service Pack for version 8.7 is Service Pack 6, released on November 12, 2008. 
You can download and deploy the patches using the Patch Manager tool within your LANDesk console, or download the individual patches below.

Other related files

LANDesk® Process Manager 4.0

For the latest rollup information for Process Manager, please refer to Document 2354.

Legacy Products

Note: The above .zip files for legacy products include the Core, Console, Client, Web Console, and Rollup Core patches.

Related Files:

LDMS 8.61 SP4 Readme

LANDESK Management Suite / Security Suite 9.6 Service Pack 2 Release Information

Installation Information

Supported Platforms and Compatibility Matrix for LANDESK Management Suite

General articles about 9.6 SP2

Endpoint Security UI changes for SP2

Best Known Methods for Mac OS X Provisioning in 9.6 Service Pack 1(this document has updated information with the improvements in SP2)

Other information

LANDESK Management Suite / Security Suite 9.6 Release Information

LANDESK Management Suite / Security Suite 9.6 Service Pack 1 Release Information

     9.6 SP2 Readme

Downloads

LANDESK Management Suite / Security Suite 9.6 Service Pack 2

Environment:

LDMS 9.6 and newer, wanting to rebrand the LANDESK Agent to display their own company's logo

Scenario:

First go to your Agent settings and open up the Distribution and Patch Settings

Then you will go down to the branding section at the bottom of the menu tree. Once you are within the Branding Section, click on the blue Go to “Branding” link

The Branding window will allow you to verify where you images will be stored as well as allow you to upload your images and also preview how the Repair, Status, and Reboot dialog windows will look with your logo.

Click the preview button to be given a drop down of the available windows

The Icon file will be placed in the upper left hand portion of each window as well as be the display icon on your system tray

Issue:

How can you move the location of the SDMCACHE folder on clients in Management Suite 9.6?

Solution:

• On the Client edit C:\ProgramData\LANDESK\TMCDownload\downloadermulticastconf.xml
• Change the <CacheDirectory> value to the desired path.

Example:

Original

<CacheDirectory>C:\ProgramData\LANDesk\ManagementSuite\sdmcache</CacheDirectory>

New

<CacheDirectory>E:\LDCache</CacheDirectory>

Client Side Logfile locations by LANDESK component

For More Information...

For a list of 9.6 SP1 Client Side Log locations, see LANDESK Management Suite 9.6 SP1 Client Log File Locations

For a list of 9.6 Client Side Log locations, see LANDESK Management Suite 9.6 Client Log File Locations

For a list of 9.5 Server Side Log locations, see 9.5 LANDesk Server Log File Locations for Troubleshooting

Alerting

C:\Program Files\ LANDesk\shared files\alert.log

C:\Program Files\LANDesk\LDClient\alertsync.log

C:\Program Files\LANDesk\LDClient\lddetectsystem.log

C:\Program Files\LANDesk\LDClient\createmonitorroot.log

AMT

C:\Program Files\LANDesk\LDClient\amtmon.Log

AntiVirus (LANDesk)

C:\ProgramData\LANDeskAV\ldav.log

C:\ProgramData\LANDeskAV\ldav_scan.log

C:\ProgramData\LANDeskAV\ldav_update.log

C:\ProgramData\LANDeskAV\ldav_install.log

C:\ProgramData\LANDeskAV\msi_install.log

CBA8 logs (Common Base Agent)
C:\Program Files\LANDesk\shared files\residentagent.log
C:\Program Files\LANDesk\shared files\residentagent.old
C:\Program Files\LANDesk\shared files\servicehost.log
C:\Program Files\LANDesk\shared files\servicehost.old

C:\Program Files\LANDesk\LDClient\fwregister.log

Cloud Services Appliance

C:\Program Files\LANDesk\shared files\proxyhost.log

C:\Program Files\LANDesk\LDClient\brokerconfig.log

Endpoint Security

Files within C:\Program Files\LANDesk\LDClient\HIPS:

DCM.log (Device Control – Logs Device Information)

DCMVolumes.log (Device Control – Logs Volume Information)

ERROR.LOG (Shows Endpoint Security service errors)

NetworkDetection.log (Shows Network Location Awareness information)

ShadowCopy.log (Device Control – Shadow copy information)

Files within C:\Documents and Settings\All Users\Application Data\LDSec

LDSECSETUP32-HIPS-debug.log (Debug level log for installation)

LDSECSVC-DCM-debug.log (Debug level log for Device Control)

LDSECSVC-HIPS-debug.log (Debug level log for HIPS)

Files within C:\Documents and Settings\All Users\Application Data\Vulscan

Vulscan.log (logs Endpoint installation, settings changes, etc)

For more information on troubleshooting Endpoint Security and logs please see Community DOC-9853

InventoryScanner

C:\Program Files\LANDesk\LDClient\ldiscn32.log

C:\Program Files\LANDesk\LDClient\data\ldiscn32.log
(This log appears when ldiscn32.exe is run with the "/debug" switch)

C:\Program Files\LANDesk\LDClient\ldiscnupdate.log

Local Scheduler tasks

C:\Program Files\LANDesk\LDClient\localsch.log

C:\Program Files\LANDesk\LDClient\LDSystemEventCapture.log

Macintosh

\Library\Application Support\LANDesk.log (All Components)

Security and Patch Manager
C:\ProgramData\vulScan\vulscan.log

C:\ProgramData\vulScan\vulscan.#.log
(The vulscan log will roll and create a vulscan.1.log, vulscan.2.log, etc)
C:\Program Files\LANDesk\LDClient\vulscan.log

C:\ProgramData\vulScan\softmon.log

Software Distribution
C:\Program Files\LANDesk\LDClient\data\sdclient_task#.log
C:\Program Files\LANDesk\LDClient\data\sdclient.log

C:\Program Files\LANDesk\LDClient\tmcsvc.log

C:\Program Files\LANDesk\LDClient\data\SDClientTask.[Core-Name].[task#].log

C:\Program Files\LANDesk\LDClient\data\[MSI Name].log (created during installation of MSI packages)

C:\Program Files\LANDesk\LDClient\CurrentDownloads.log (information regarding whether a file has been downloaded from the source or from a preferred server)

Software Distribution - Policies

C:\Program Files\LANDesk\LDClient\policy.cgi.log

C:\Program Files\LANDesk\LDClient\policy.client.portal.log

C:\Program Files\LANDesk\LDClient\policy.client.invoker.log

C:\Program Files\LANDesk\LDClient\policy.sync.log

Software License Monitoring
C:\Program Files\LANDesk\LDClient\data\gatherproducts.log
C:\Program Files\LANDesk\LDClient\data\proddefs\*.xml

Remote Control logs

Please refer to this document here : What log files are used for Remote Control Troubleshooting?

Environment

LANDESK Management Suite 9.0

LANDESK Management Suite 9.5

LANDESK Management Suite 9.6

Problem/Issue/Symptoms

The on line activation process of a LANDESK Management Suite Core server fails.

Causes

The most common causes for this issue are:

1. Lack of http connectivity towards license.landesk.com
2. Missing certificates on the core
3. Missing registry key for the activation URL

Solutions

1) Lack of http connectivity towards license.landesk.com

1.1) Check if your core server is able to communicate with license landesk com, executing a ping license.landesk.com in a command prompt, a public IP address should reply, for instance 204.246.129.106.

1.2 Verify that you can open in a browser the following URL:http://license.landesk.com/authorizationservice/licensing.asmx

1.3) Verify that the proxy options used in your web browser are the same used in your Core Server Activation, if the browser is able to reach the URL just checked.

1.4) Verify that the software and hardware firewalls between your core and the internet allow your core to reach license.landesk.com on the tcp port 80 (http).

1.5) Verify that your %windir%\system32\drivers\etc\hosts file doesn't contain any line referring to license.landesk.com

2) Missing certificates on the core

2.1) In the folder %programfiles(x86)%\LANDesk\Shared Files\keys\. You should find  one file for each of the following extensions: .0, .cer, .crt and .key. If you are running a 32 bit server remove the (x86) part in the path. On a 9.6 Core user the %programfiles% folder instead.

2.2) Verify that the registry key CertName in HKLM\Software\Wow6432Node\LANDesk\ManagementSuite\Setup is pointing to the right certificate name. On a 9.6 core remove the Wow6432Node part from the registry path.

2.3) Verify to have a .0 file with the same name as the one just checked in the folder %programfiles(x86)%\LANDesk\Shared Files\cbaroot\certs\. If you are running a 32 bit server remove the (x86) part in the path. On a 9.6 Core user the %programfiles% folder instead.

2.4) To troubleshoot a missing or deleted certificate follow this article: How to troubleshoot a missing or deleted core certificate.

3) Missing registry key for the activation URL

3.1) Verify the presence of the AuthorizationServiceUrl key in HKLM\Software\Wow6432Node\LANDesk\ManagementSuite. The value of the key (string) must be http://license.landesk.com/authorizationservice/licensing.asmx On a 9.6 core remove the Wow6432Node part from the registry path.

4) Other complementary tasks

4.1) Run the core server activation as an administrator

4.2) Track the activation process with procmon or wireshark to check if the core is really able to communicate with license.landesk.com

4.3) Delete the content of the %temp%, %tmp% and %windir%\temp folders

4.4) Delete all the .txt and .save files in the %programfiles(x86)%\LANDesk\Authorization Files\ folder\. If you are running a 32 bit server remove the (x86) part in the path. On a 9.6 Core user the %programfiles% folder instead.

5) Other resources

5.1) Unable to activate an 8.7 / 8.8 core server online: https://community.landesk.com/docs/DOC-29443

5.2) Manually activating the core server via email: How to Activate the Core Server

5.3) Missing licenses and subscriptions after a major release upgrade: The core server you are connecting to does not appear to have a valid license

ThinkServer EasyManage Included Features

Included with ThinkServer RD120, RS110, TD100, TD100x and TS100

• Inventory & Reporting
• Hardware Monitoring and Alerting
• Lenovo Hardware Patch (OS level packages)
• Health Dashboard
• IPMI management
• Web console access
• Integrated Lenovo ThinkServer Updates

Add-on Features

Bare Metal Provisioning (with Lenovo Templates)

• PMA, Incident packs and Training
• Full Software Distribution and Inventory Metering
• Full Patch Management (subscription)

Other Links:

Lenovo ThinkServer EasyManage (Lenovo Website)

Lenovo ThinkServer EasyManage Download

Console View

Description:

Lenovo Hardware Password Manager (HPM) Training Video:

Course Description
This course will provide the student  with information on Lenovo Hardware Password manager. The student will be  provided with an overview to the different types of hardware passwords and what  each protects. You will learn the features and benefits of Lenovo's Hardware  Password Manager. Server setup and client deployment will be covered.

Prerequisites ?

• Knowledge of ThinkCentre desktop and ThinkPad notebook products
• Proficiency with Windows-based operating systems
• Basic understanding of the use of software applications

To view this video:

1. go to http://lenovo.bhivesoft.com/bhive/t/1004/sessions_details.jsp?content_id=3496\

2. Click on 'Take Course'

3. View video presentation of Hardware Password Manager (HPM).

This is the Lenovo written user guide that documents using Hardware Password Manager and the steps for configuration.

For those customer that are going to be installing or upgrading to LDMS 9.0 with TVT (Lenovo ThinkManagement Console) please look at the LDMS 9.0 upgrade documents, to prepare the core server before upgrading.  The upgrade process for TVT will be the same as for non-TVT core servers but after LDMS 9.0 is installed the Lenovo ThinkManagement Console will be installed.

http://community.landesk.com/support/docs/DOC-7423

CAUTION:  Before upgrading from LANDesk Management Suite TVT SP2 to SP3 there are some patches that need to be installed.  Do NOT install SP3 until the following patches have been installed.

NOTE: To check to see if these patches have been installed from the Management Console on your core server click on "Help" and then "About LANDesk".  Next click on "More Info".  Check to see if the patches listed below have been installed.  If you have any questions please contact support.

The following patches need to be applied before proceeding to SP3 on a TVT core:

• LD90-SP2-MCP_CONS-2011-0428 (April Console MCP)
• LD90-SP2-MCP_SD-2011-0428 (April Software Distribution MCP)

Note: These patches are no longer available for download from the community page. Please contact support if you need these patches.

Once these two patches are installed on the core server a third TVT specific patch needs to be applied. The downloads area for products is here.

After applying these 3 patches to the TVT Core Server SP3 can be applied sucessfully.

HP ElitePad FAQ

Where do I get the HP ElitePad integration Patch?

http://community.landesk.com/support/docs/DOC-27529

Can I push the LDMS agent to the ElitePad that is not on the domain?

• In order to Push an Agent to an HP ElitePad that is not on a domain the following changes will need to be made on the ElitePad
  • Enable admin shares: Network and Sharing Center -> Change advanced sharing settings -> All Networks -> “Turn on sharing so anyone with network access can read and write files in the Public folders”.
  • Then set the following in the registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System = 1 (DWORD), LocalAccountTokenFilterPolicy  = 1 (DWORD),
  • Finally reboot.

What is Find my device and how does it work?

Find My Device features are based on Location finding services. This feature is an opt-in feature both in the Console from the administrator as well as opt-in on client devices. This requires at least one enrolled user on the client to opt-in to this service in order for GPS coordinates to be sent to the core.

In order for the LANDesk administrator to opt-in:

• In the 32-bit console go to the Agent Settings-Inventory Settings 
• Select ‘Allow’ (default is set to Block). Note: These agent settings will also need to be associated to the standard windows agent deployed to the HP ElitePad device.

Find My Device polling frequencies for “Not Lost” and “Lost” can be configured:

• In the 32-bit console go to the Agent Settings->Inventory Settings.
  • This implies that the client agent will send gps coordinates to the core on these intervals depending on whether the device is marked as “Not Lost” or “Lost”.

In order to enable Find My Device features on the client device:

The following is only required if you want the device to wake from connected standby

Tthe administrator will need to create a package on the core that is intended to be deployed to all HP ElitePad devices (post agent installation).

This package will need to consist of 3 files:

• “Windows Driver Testing Framework (WDTF) Runtime Libraries-x64_en-us.msi” (320k)
• 27c11849eb77f4624304607082112d90.cab
• c5bcf010acfc98ac434053ee50af27df.cab

• The files can be obtained by installing the Windows Driver Kit and pulling out the files from the following folder: \Windows Kits\8.0\WDK\Installers\. While LANDesk would have preferred to put these files directly in the HP ElitePad Integration patch release, While these files are generally available through the following link, the notice of redistribution is somewhat vague. Therefore, the administrator will need to download: http://msdn.microsoft.com/en-us/windows/hardware/hh852362 (938k) and install it on a temporary test machine in order to have access to the folder and files.
• The files can be deployed to any folder on the client, but need to remain together (in the same folder). The MSI file will need to be remote executed using the following command line: MSIEXEC /I “Windows Driver Testing Framework (WDTF) Runtime Libraries-x64_en-us.msi”. This will install the required runtime libraries on the client device. This will need to be run as Administrator.
• Installing the WDTF runtime libraries disables the Lock screen (Windows->L). To re-enable, the administrator will need to remote execute set the following registry key: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Name: DisableLockWorkstation, Value: 0(zero)
• If the LD agent is installed while the ElitePad is outside the corporate network, the administrator will need to run BrokerConfig.exe with administrator rights to get the core certificate (through the CSA/Gateway) and then run an extra inventory scan before location data will be submitted to the core.
• Selecting an HP ElitePad managed device on the core allows you to right-click and select ‘Inspect’. The Find Device features are located within the HP ElitePad tab of Inspector. This tab includes several commands such as ‘Locate Device Now’, ‘Mark as Lost’, ‘Lock’, ‘Refresh’, ‘Reset’. If your client is outside the corporate firewall communicating through the CSA/Gateway, then a ‘Locate Device Now’ will render a “Command pending” status until the next interval when the client agent initiates communication back to the core.
• Find My Device feature does NOT work when the HP ElitePad device enters Hibernate power mode. It only works in Powered On or Connected Standby (Sleep) modes. Hibernate can be disabled on the client by issuing a command line Powercfg.exe /h OFF command.

Description IIS Status Codes

This information was taken from Microsoft KB Article 318380.

The original article can be accessed here: http://support.microsoft.com/?id=318380

SUMMARY:

When users try to access content on a server that is running Internet Information Services (IIS) through HTTP or File Transfer Protocol (FTP), IIS returns a numeric code that indicates the status of the request. This status code is recorded in the IIS log, and it may also be displayed in the Web browser or FTP client. The status code can indicate whether a particular request is successful or unsuccessful and can also reveal the exact reason why a request is unsuccessful.

Log File Locations:

By default, IIS 6.0 places its log files in %WINDIR\System32\Logfiles. For IIS 7+ they are in C:\inetpub\log\LogFiles This directory contains separate directories for each World Wide Web (WWW) and FTP site.

By default, logs are created in the directories daily and are named with the date (for example, exYYMMDD.log).

HTTP

1xx - Informational

These status codes indicate a provisional response. The client should be prepared to receive one or more 1xx responses before receiving a regular response.

• 100 - Continue.
• 101 - Switching protocols.

2xx - Success

This class of status codes indicates that the server successfully accepted the client request.

• 200 - OK. The client request has succeeded.
• 201 - Created.
• 202 - Accepted.
• 203 - Non-authoritative information.
• 204 - No content.
• 205 - Reset content.
• 206 - Partial content.

3xx - Redirection

The client browser must take more action to fulfill the request. For example, the browser may have to request a different page on the server or repeat the request by using a proxy server.

• 301 - Moved Permanently
• 302 - Object moved.
• 304 - Not modified.
• 307 - Temporary redirect.

4xx - Client Error

An error occurs, and the client appears to be at fault. For example, the client may request a page that does not exist, or the client may not provide valid authentication information.

• 400 - Bad request.
• 401 - Access denied. IIS defines a number of different 401 errors that indicate a more specific cause of the error. These specific error codes are displayed in the browser but are not displayed in the IIS log:
  • 401.1 - Logon failed.
  • 401.2 - Logon failed due to server configuration.
  • 401.3 - Unauthorized due to ACL on resource.
  • 401.4 - Authorization failed by filter.
  • 401.5 - Authorization failed by ISAPI/CGI application.
  • 401.7 - Access denied by URL authorization policy on the Web server. This error code is specific to IIS 6.0.
• 403 - Forbidden. IIS defines a number of different 403 errors that indicate a more specific cause of the error:
  • 403.1 - Execute access forbidden.
  • 403.2 - Read access forbidden.
  • 403.3 - Write access forbidden.
  • 403.4 - SSL required.
  • 403.5 - SSL 128 required.
  • 403.6 - IP address rejected.
  • 403.7 - Client certificate required.
  • 403.8 - Site access denied.
  • 403.9 - Too many users.
  • 403.10 - Invalid configuration.
  • 403.11 - Password change.
  • 403.12 - Mapper denied access.
  • 403.13 - Client certificate revoked.
  • 403.14 - Directory listing denied.
  • 403.15 - Client Access Licenses exceeded.
  • 403.16 - Client certificate is untrusted or invalid.
  • 403.17 - Client certificate has expired or is not yet valid.
  • 403.18 - Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0.
  • 403.19 - Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0.
  • 403.20 - Passport logon failed. This error code is specific to IIS 6.0.
• 404 - Not
  • 404.0 - (None) - File or directory not found.
  • 404.1 - Web site not accessible on the requested port.
  • 404.2 - Web service extension lockdown policy prevents this request.
  • 404.3 - MIME map policy prevents this request.
  • 405 - HTTP verb used to access this page is not allowed (method not allowed.)
  • 406 - Client browser does not accept the MIME type of the requested page.
  • 407 - Proxy authentication required.
  • 412 - Precondition failed.
  • 413 - Request entity too large.
  • 414 - Request-URI too long.
  • 415 - Unsupported media type.
  • 416 - Requested range not satisfiable.
  • 417 - Execution failed.
  • 423 - Locked error.

5xx - Server Error

The server cannot complete the request because it encounters an error.

• 500 - Internal server error.
  • 500.12 - Application is busy restarting on the Web server.
  • 500.13 - Web server is too busy.
  • 500.15 - Direct requests for Global.asa are not allowed.
  • 500.16 - UNC authorization credentials incorrect. This error code is specific to IIS 6.0.
  • 500.18 - URL authorization store cannot be opened. This error code is specific to IIS 6.0.
  • 500.100 - Internal ASP error.
• 501 - Header values specify a configuration that is not implemented.
• 502 - Web server received an invalid response while acting as a gateway or proxy.
  • 502.1 - CGI application timeout.
  • 502.2 - Error in CGI application.
  • 503 - Service unavailable.
  • 504 - Gateway timeout.
  • 505 - HTTP version not supported.

Common HTTP Status Codes and Their Causes

Error: 200 - Success. This status code indicates that IIS has successfully processed the request.

Error: 304 - Not Modified. The client requests a document that is already in its cache and the document has not been modified since it was cached. The client uses the cached copy of the document, instead of downloading it from the server.

Error: 401.1 - Logon failed. The logon attempt is unsuccessful, probably because of a user name or password that is not valid.

Error: 401.3 - Unauthorized due to ACL on resource. This indicates a problem with NTFS permissions. This error may occur even if the permissions are correct for the file that you are trying to access. For example, you see this error if the IUSR account does not have access to the C:\Winnt\System32\Inetsrv directory. For additional information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base:

187506 (http://support.microsoft.com/kb/187506/) INFO: Basic NTFS permissions for IIS 4.0

Error: 403.1 - Execute access forbidden. The following are two common causes of this error message:

Error: You do not have enough Execute permissions. For example, you may receive this error message if you try to access an ASP page in a directory where permissions are set to None, or you try to execute a CGI script in a directory with Scripts Only permissions. To modify the Execute permissions, right-click the directory in the Microsoft Management Console (MMC), click Properties, click the Directory tab, and make sure that the Execute Permissions setting is appropriate for the content that you are trying to access.

Error: The script mapping for the file type that you are trying to execute is not set up to recognize the verb that you are using (for example, GET or POST). To verify this, right-click the directory in the MMC, click Properties, click the Directory tab, click Configuration, and verify that the script mapping for the appropriate file type is set up to allow the verb that you are using.

Error: 403.2 - Read access forbidden. Verify that you have set up IIS to allow Read access to the directory. Also, if you are using a default document, verify that the document exists. For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:

247677 (http://support.microsoft.com/kb/247677/EN-US/) Error Message: 403.2 Forbidden: Read Access Forbidden

Error: 403.3 - Write access forbidden. Verify that the IIS permissions and the NTFS permissions are set up to grant Write access to the directory.For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:

248072 (http://support.microsoft.com/kb/248072/EN-US/) Error Message: 403.3 Forbidden: Write Access Forbidden

Error: 403.4 - SSL required. Disable the Require secure channel option, or use HTTPS instead of HTTP to access the page. If you receive this error for a Web site that does not have a certificate installed, click the article number below to view the article in the Microsoft Knowledge Base:

224389 (http://support.microsoft.com/kb/224389/EN-US/) Err Msg: HTTP Error 403, 403.4, 403.5 Forbidden: SSL Required

Error: 403.5 - SSL 128 required. Disable the Require 128-bit encryption option, or use a browser that supports 128-bit encryption to view the page. If you receive this error for a Web site that does not have a certificate installed, click the article number below to view the article in the Microsoft Knowledge Base:

224389 (http://support.microsoft.com/kb/224389/EN-US/) Err Msg: HTTP Error 403, 403.4, 403.5 Forbidden: SSL Required

Error: 403.6 - IP address rejected. You have configured your server to deny access to your current IP address. For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:

248043 (http://support.microsoft.com/kb/248043/EN-US/) Error Message: 403.6 - Forbidden: IP Address Rejected

Error: 403.7 - Client certificate required. You have configured your server to require a certificate for client authentication, but you do not have a valid client certificate installed. For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

190004 (http://support.microsoft.com/kb/190004/EN-US/) Error 403.7 or 'Connection to Server Could Not Be Established'

186812 (http://support.microsoft.com/kb/186812/EN-US/) PRB: Error Message: 403.7 Forbidden: Client Certificate Required

Error: 403.8 - Site access denied. You have set up a domain name restriction for the domain that you are using to access your server.For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:

248032 (http://support.microsoft.com/kb/248032/EN-US/) Error Message: Forbidden: Site Access Denied 403.8

Error: 403.9 - Too many users. The number of users who are connected to the server exceeds the connection limit that you have set. For additional information about how to change this limit, click the article number below to view the article in the Microsoft Knowledge Base:

248074 (http://support.microsoft.com/kb/248074/EN-US/) Error Message: Access Forbidden: Too Many Users Are Connected 403.9

NOTE: Microsoft Windows 2000 Professional and Microsoft Windows XP Professional automatically impose a 10-connection limit on IIS. You cannot change this limit.

Error: 403.12 - Mapper denied access. The page that you want to access requires a client certificate, but the user ID that is mapped to your client certificate has been denied access to the file. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

248075 (http://support.microsoft.com/kb/248075/EN-US/) Error: HTTP 403.12 - Access Forbidden: Mapper Denied Access

Error: 404 - Not found. This error may occur if the file that you are trying to access has been moved or deleted. It can also occur if you try to access a file that has a restricted file name extension after you install the URLScan tool. In this case, you see "Rejected by URLScan" in the log file entry for that request.

Error: 500 - Internal server error. You see this error message for a wide variety of server-side errors. Your event viewer logs may contain more information about why this error occurs. Additionally, you can disable friendly HTTP error messages to receive a detailed description of the error. For additional information about how to disable friendly HTTP error messages, click the article number below to view the article in the Microsoft Knowledge Base:

294807 (http://support.microsoft.com/kb/294807/EN-US/) HOWTO: Disable Internet Explorer 5 'Show Friendly HTTP Error Messages' Feature on the Server Side

Error: 500.12 - Application restarting. This indicates that you tried to load an ASP page while IIS was in the process of restarting the application. This message should disappear when you refresh the page. If you refresh the page and the message appears again, it may be caused by antivirus software that is scanning your Global.asa file. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

248013 (http://support.microsoft.com/kb/248013/EN-US/) Err Msg: HTTP Error 500-12 Application Restarting

Error: 500-100.ASP - ASP error. You receive this error message when you try to load an ASP page that has errors in the code. To obtain more specific information about the error, disable friendly HTTP error messages. By default, this error is only enabled on the default Web site.For additional information about how to see this error on non-default Web sites, click the article number below to view the article in the Microsoft Knowledge Base:

261200 (http://support.microsoft.com/kb/261200/EN-US/) HTTP 500 Error Message Displays Instead of ASP Error Message from 500-100.asp

Error: 502 - Bad gateway. You receive this error message when you try to run a CGI script that does not return a valid set of HTTP headers.

FTP

1xx - Positive Preliminary Reply

These status codes indicate that an action has started successfully, but the client expects another reply before it continues with a new command.

Error: 110 Restart marker reply.

Error: 120 Service ready in nnn minutes.

Error: 125 Data connection already open; transfer starting.

Error: 150 File status okay; about to open data connection.

2xx - Positive Completion Reply

An action has successfully completed. The client can execute a new command.

Error: 200 Command okay.

Error: 202 Command not implemented, superfluous at this site.

Error: 211 System status, or system help reply.

Error: 212 Directory status.

Error: 213 File status.

Error: 214 Help message.

Error: 215 NAME system type, where NAME is an official system name from the list in the Assigned Numbers document.

Error: 220 Service ready for new user.

Error: 221 Service closing control connection. Logged out if appropriate.

Error: 225 Data connection open; no transfer in progress.

Error: 226 Closing data connection. Requested file action successful (for example, file transfer or file abort).

Error: 227 Entering passive mode (h1,h2,h3,h4,p1,p2).

Error: 230 User logged in, proceed.

Error: 250 Requested file action okay, completed.

Error: 257 "PATHNAME" created.

3xx - Positive Intermediate Reply

The command was successful, but the server needs additional information from the client to complete processing the request.

Error: 331 User name okay, need password.

Error: 332 Need account for login.

Error: 350 Requested file action pending further information.

4xx - Transient Negative Completion Reply

The command was not successful, but the error is temporary. If the client retries the command, it may succeed.

Error: 421 Service not available, closing control connection. This may be a reply to any command if the service knows it must shut down.

Error: 425 Cannot open data connection.

Error: 426 Connection closed; transfer aborted.

Error: 450 Requested file action not taken. File unavailable (for example, file busy).

Error: 451 Requested action aborted: Local error in processing.

Error: 452 Requested action not taken. Insufficient storage space in system.

5xx - Permanent Negative Completion Reply

The command was not successful, and the error is permanent. If the client retries the command, it receives the same error.

Error: 500 Syntax error, command unrecognized. This may include errors such as command line too long.

Error: 501 Syntax error in parameters or arguments.

Error: 502 Command not implemented.

Error: 503 Bad sequence of commands.

Error: 504 Command not implemented for that parameter.

Error: 530 Not logged in.

Error: 532 Need account for storing files.

Error: 550 Requested action not taken. File unavailable (for example, file not found, no access).

Error: 551 Requested action aborted: Page type unknown.

Error: 552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).

Error: 553 Requested action not taken. File name not allowed.

Common FTP Status Codes and Their Causes

Error: 150 - FTP uses two ports: 21 for sending commands, and 20 for sending data. A status code of 150 indicates that the server is about to open a new connection on port 20 to send some data.

Error: 226 - The command opens a data connection on port 20 to perform an action, such as transferring a file. This action successfully completes, and the data connection is closed.

Error: 230 - This status code appears after the client sends the correct password. It indicates that the user has successfully logged on.

Error: 331 - You see this status code after the client sends a user name. This same status code appears regardless of whether the user name that is provided is a valid account on the system.

Error: 426 - The command opens a data connection to perform an action, but that action is canceled, and the data connection is closed.

Error: 530 - This status code indicates that the user cannot log on because the user name and password combination is not valid. If you use a user account to log on, you may have mistyped the user name or password, or you may have chosen to allow only Anonymous access. If you log on with the Anonymous account, you may have configured IIS to deny Anonymous access.

Error: 550 - The command is not executed because the specified file is not available. For example, this status code occurs when you try to GET a file that does not exist, or when you try to PUT a file in a directory for which you do not have Write access.

REFERENCES

For more information about HTTP status code definitions, visit the following World Wide Web Consortium (W3C) Web site:

Status Code Definitions

http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10)

For more information about FTP status code definitions, view section 4.2 ("FTP Replies") at the following W3C Web site:

File Transfer Functions

http://www.w3.org/Protocols/rfc959/4_FileTransfer.html