You are viewing limited content. For full access, please sign in.

Question

Question

Audit trail and Federated Search are not working after changing .NET Trust Level in IIS

Audit Trail Administration
Updated June 18, 2021
asked on June 18, 2021

Hi All,

 

I'm implementing CIS benchmark in IIS and found one of the setting is to make the .NET Trust level  to medium.

Audit trail and Federated Search were stopped working after the setting is changed to medium on .NET Trust Level. Found the below error in the error log.

General error: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. 

 

Is there any possibility to apply the CIS benchmark with additional permission to be granted for Audit trail and Federated Search.

 

Regards

Kirubaa 

 

0 0

Answer

SELECTED ANSWER
replied on June 18, 2021

I will also note that the CIS Benchmarks are a security baseline. It's expected that you may need to adjust some of the individual controls (like .NET Trust Levels) for application compatibility. The important part is that you document which controls you adjust and why.

E.g., "Did not set .NET Trust Level to Medium because this would prevent the Laserfiche Audit Trail and Federated Search applications from accessing the .NET libraries they need to run."

1 0

Replies

replied on June 18, 2021

This is expected because medium trust level prevents the application from using any files outside the application directory, so Audit Trail won't be able to access the .NET libraries it needs. That would apply to Federated Search too. Depending on where your other components are located, both Federated Search and Audit Trail also need to make network calls.

1 0
SELECTED ANSWER
replied on June 18, 2021

I will also note that the CIS Benchmarks are a security baseline. It's expected that you may need to adjust some of the individual controls (like .NET Trust Levels) for application compatibility. The important part is that you document which controls you adjust and why.

E.g., "Did not set .NET Trust Level to Medium because this would prevent the Laserfiche Audit Trail and Federated Search applications from accessing the .NET libraries they need to run."

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...