SCCM Default IIS Configurations DP Troubleshooting Issues

I think, this post will help us to understand the default settings of IIS when it’s installed and configured by SCCM / ConfigMgr vNext (2016) itself. IIS role is installed and configured by SCCM when you install DP site system server role. These are the IIS configurations of SCCM vNext TP 3 lab. I’ve seen SCCM admins change the IIS settings manually to work around some issues. However, it’s hard to find out what are the default settings of a freshly installed SCCM server once we change IIS configurations. Probably, this post may help in those situations. The version of IIS is IIS 8.

SCCM IIS Configurations 1

Following are the two applications which are created in IIS for SCCM DP.  Those are for content and signature files.

ACNCM2016\Sites\Default Web Site\SMS_DP_SMSPKG$

ACNCM2016\Sites\Default Web Site\SMS_DP_SMSSIG$

SMS Distribution Points Pool Application advanced settings. .NET CLR Version is v4.0, Enabled 32-Bit Applications = False, Managed Pipeline Mode = Integrated. SCCM vNext TP3-27-0

SMS Distribution Points Pool Application Basic Setting :-

SCCM IIS Configurations

SCCM IIS Application Pool settings :- SMS Distribution Points Pool – Identity is LocalService and this application pool is assigned to 2 applications.

SCCM IIS ConfigurationsThere are two Virtual directories created in IIS for SCCM DP:- SMS_DP_SMSPKG$ and sub folders where SCCM applications and Packages contents are stored – DataLib, FileLib and PkgLib ! SMS_DP_SMSSIG$ is the signature folder.

SCCM IIS Configurations

Directory Browsing is enabled for these package content virtual directories  :-

SCCM IIS Configurations

Authentication of SCCM related IIS virtual folders is also important :- Windows Authentication is the only authentication method IIS enables kernel mode authentication.

SCCM IIS Configurations

Edit SCCM IIS related applications using the following :- We can test the authentication and connectivity from this IIS wizard.

SCCM IIS Configurations

Websites of the root virtual folders like SMS_DP_SMSPKG$ and SMS_DP_SMSSIG$ :- 404 not found error. Browse options won’t work !



SCCM IIS Configurations

Browse IIS website option will work for SCCM content library folders like – DataLib, FileLib and PkgLib.




SCCM IIS Configurations SCCM IIS Configurations SCCM IIS Configurations


Sharing is caring!

5 thoughts on “SCCM Default IIS Configurations DP Troubleshooting Issues”

  1. Hello Anoop,

    This is really nice and informative blog.

    Can you also share some documentation about IIS configuration for WSUS for IBCM facing server where SSL will be enabled?

    Many thanks,

  2. Really most odd statements here:
    Browse IIS website option will work for SCCM content library folders like – DataLib, FileLib and PkgLib

    That will not happen on default install! Not on localhost & not across network

    One will ALWAYS get 403 – Forbidden: Access is denied.

  3. Hi Anoop,
    I have faced an issue in Windows deployment after version upgrade. error was “8007002” in task sequence. I have opened the client deployment log and find the error was IIS 404 in “propfind /sms_dp_smspkg$/”. i went through this page and confirmed the values are equal to my settings. finally i found that “SCCMContentLib” folder permission was missed for IIS/Users. i have added users with read permission and my issue is resolved. You may add a line for checking the NTFS security of the mentioned folder in you blog.
    Thanks Anoop for giving a hint

  4. Hi Anoop
    I am having an issue with iis certificate being expired.
    I have sccm server 2012 and the iis certificate has expired.

    I generated a new certificate. However, when I import the new certificate I get an error:

    Mismatched Address

    I believe I generated the cert. with the wrong information.
    Should I use https://localhost as the CN

  5. OMG, this was article was a life saver for me. I was facing many issues in my SCCM after check that i could fix Thank you so much Anoop


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.