Article ID: 887405 - View products that this article applies to.
You can use VPModule.msi to install the Microsoft.Web.ValidatePathModule.dll HttpModule on computers that are running ASP.NET. This article describes the steps needed to use Group Policy to deploy this HttpModule, including: creating a distribution point, creating a Group Policy object for the Microsoft.Web.ValidatePathModule.dll deployments, and deploying the VPModule.msi
The VPModule.msi file installs an HttpModule that is named Microsoft.Web.ValidatePathModule.dll on target computers. The installation also updates the Machine.config file or files with a new HttpModule entry. For additional information about VPModule.msi, click the following article number to view the article in the Microsoft Knowledge Base:
887289With VPModule.msi, you can install Microsoft.Web.ValidatePathModule.dll on computers that are running ASP.NET. If you are managing computers in an Active Directory directory service environment, you can use the Software Installation and Maintenance feature of Group Policy to deploy the VPModule.msi on target computers. This article describes how to use Windows Installer and Group Policy to install the VPModule.msi on target computers in a Microsoft Windows 2000 Server or Microsoft Windows Server 2003 Active Directory domain. This article assumes that you already know which computers are running ASP.NET in your environment.
(http://support.microsoft.com/kb/887289/ )HTTP module to check for canonicalization issues with ASP.NET
Group Policy is the recommended method for managing the deployment of software for customers who are not already using a corporate update management solution such as Systems Management Server (SMS) 2003 or Software Update Services (SUS). For more information about Group Policy, visit the following Microsoft Web site:
Use Group Policy to assign the VPModule.msiTo use Group Policy to assign the VPModule.msi, follow these steps:
Only a network administrator or someone who is logged on to a local computer as an administrator can remove the assigned software (that is, the VPModule.msi) from the destination computer. The procedures identified in this section are explained in detail in the following sections.
Create a distribution pointTo assign software, you must create a distribution point on the server. To create a distribution point, follow these steps:
Create a GPO for software deploymentYou can create a GPO and link the GPO to any Active Directory container that contains the target computers to which you want to deploy the VPModule.msi. For example, an Active Directory container may be a site, a domain, or an organizational unit (OU). The following instructions direct you to use a domain as a container and then to use security filtering to target the GPO to specific computers. For your environment, you might want to link the GPO to a different container, such as an OU. You can link to any Active Directory container that you want. Also, you can edit an existing GPO instead of creating a new GPO just for deploying the VPModule.msi. However, we do not recommend that you edit the Default Domain Policy or the Default Domain Controllers Policy.
Create a GPO for deployment of the VPModule.msiUse one of the following methods to create a GPO for deployment of the VPModule.msi.
If you have Group Policy Management Console (GPMC) installed, follow these steps:
Edit a GPO for software deploymentAfter you create a distribution point and create a GPO for deployment of the VPModule.msi, you must modify the GPO by using the Software Installation and Maintenance feature of Group Policy. To deploy the VPModule.msi, you must use the Computer Configuration node in the Group Policy Object Editor.
To edit a GPO for software deployment, follow these steps:
Deploy software to specific security groupsYou can use security filtering in Group Policy to deploy the VPModule.msi only to computers that are members of a specific security group. For example, if you create a GPO at the domain level by using the procedure that this article describes, you can use security filtering to target the GPO only to the computers that you want. First, you must create the security group and add target computers as members.
To create a security group, follow these steps:
Target the VPModule.msi by using security filtering
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/887404/ )How to use Systems Management Server 2003 to deploy the ValidatePath module
(http://support.microsoft.com/kb/887459/ )Programmatically check for canonicalization issues with ASP.NET
(http://support.microsoft.com/kb/887787/ )You may receive error messages from Reporting Services after you install the ASP.NET ValidatePath Module
(http://support.microsoft.com/kb/887290/ )How to use the ASP.NET ValidatePath Module Scanner (VPModuleScanner.js)
Article ID: 887405 - Last Review: February 23, 2007 - Revision: 1.6