About configuring the Web Portal to contact RAM

The Control Compliance Suite (CCS) Web Portal works with the Response Assessment module (RAM) Web client. Several settings may be changed to enable connection with RAM.

The IIS CCS application pool uses the Network Server account as the identity. The account is a local account. The account may or may not connect to RAM. You should use the same account that is used as the identity in the RAM application pool.

The identity account has the following requirements:

Member of the IIS_WPG local group
Full permissions to the .NET directory
Full permissions to the Windows\Temp directory

The Control Compliance Suite Web Portal is installed with anonymous access setting for the CCS_Web site. You should change the setting to use Windows Integrated authentication. You should disable anonymous access.

In the web.config file for the Control Compliance Suite Web Portal, you must set the SPN value. The format for the value should be

account@domain_name.com

Verify that the computer name is used in the following settings:

AppServer
RAMServer

If you use Control Compliance Suite assets with the RAM questionnaires, you must have use Kerberos authentication.