This check determines whether Internet Information Services (IIS) is running on a system that is a domain controller. This is flagged in the scan report as a high-level vulnerability (unless the computer being scanned is a Small Business Server).
It is recommended that you do not run an IIS web server on a domain controller. Domain controllers contain sensitive data such as user account information, and they should not be used in another role. If you run a web server on a domain controller, you increase the complexity involved in securing the server and preventing attacks.
⌐ 2002 Microsoft Corporation. All rights reserved.