So, Daniel, first I would not be surprised if Adobe fails to test a reinstall of the auto lockdown tool with each update? Should they? Sure, if updates can somehow break it (which happened with the update that introduced the remote args problem, it seems).
But that was NOT your problem, as you'd added it. Are you saying this cfscripts error is misleading, and instead it was only about the password limit? And was that new with an update?
I realize you may not care to dig further, with your problem solved. I'm asking so as to help others who may run into this or similar problems.
And though we can be tempted to presume "the issues have been stated here", there's no guarantee anyone from Adobe will see it.
Please consider raising a bug report (tracker.adobe.com) for whichever things you feel are at issue. Even simply asserting (in its own bug report) that they should test the tool after each update is worthwhile.
Again, I get it, you may want to "just move on", but it's when people discern such issues that they need to raise a bug report otherwise it will be forgotten/lost in the dozens of threads here each--likely found only later via someone searching.
At a minimum, if you state specifically what was the solution, you/we can mark it as an "answer", to help others. It's just not clear what specifically in your last reply was the solution.
The lockdown tool asks whether to add a user for the CF service. Any password over 14 characters results in an error after hitting next. I'll add a bug report for that.
The only way I've found to get the lockdown tool to be successful is by not updating CF before running it. I had the same cf_script error when running the lockdown on Update 3 with the -Dcoldfusion.runtime.remotemethod.matchArguments=false jvm argment, so there may be more going on here than an issue with Update 4. I can't spend more time on this unfortunately.
AdChoices