Im using "host headers" to run multiple websites and Frontpage to author. Frontpage creates a sub-folder in Default Websites but I also create a new website for the host header which appears on the same dir level as Default Website in IIS. Q. If I want to restrict access to authenticated use...more >>

Just installed windows update to windows server 2003. Can no longer access web pages without 401.1 error. Using IUSR_server as my internet guest account. Have set Enable Anonymous Access Under directory security. IUSR has read access. NTFS security is set to Read and Execute. But Still n...more >>

I have added MIME types for .exe and .dll's that are placed in one virtual directory. It is called /bin (it has nothing to do with ASP.NET applications). I just want to enable *downloads* of exe and dll files from that directory, and I can't. From other directories there are no problems, but fro...more >>

Hi, I have an app pool running as a domain user but I need to make a certain call in the context of NT AUTHORITY\NETWORK SERVICE. I've tried using LogonUser() but I'm not sure if it's possible. Is there anyway to temporarily change from a domain account to the network service account? Th...more >>

I just setup a webserver using IIS 5.0 on W2k SP4 to test SSL. I deployed the SSL succesfully, but when I try to browse the site from IE I get a Security Alert popup which states: "The security certificate was issued by a company you have not chosen to trust. View the certificate to determi...more >>

We have 2 VSS databases. First is located on the same server as IIS and second is on another machine. While I can open the first one from the ASP using the following script: oVSSDb.Open <srcinipath>, <UID>, <password> trying the same thing on the second throws the following error: Error Typ...more >>

I just setup a test webserver with SSL using a server certificate from Microsoft Certificate Services. When I browse the site in IE, I get a Security Alert that states: "The security certificate was issued by a company you have not chosen to trust. View the certificate to determine wheteher...more >>

I just setup SSL on a test webserver using IIS 5.0 running W2k SP4. Whenever I browse the site in IE, I get a Security alert stating "The security certificate was issued by a company that you have not chosen to trust. View the certificate to determine whether you want to trust the certifyin...more >>

Hello ! I use Windows Server Certificates. Enabled the "require secure channel" option for a virtual directory. From some clients i can access the directory. A message pops up in IE, saying that the certificate wasn't issued by a trusted ca. Then I click yes and it works fine. O.K. so far. ...more >>

Hi there, Can someone remind me how to make files with extensions other than .asp execute as .asp files do? I remember doing this by adding an entry to the registry years back, but I can't find the place to do this. Years back, by adding the extension to the registry I was able to make IIS...more >>

Is there a difference between the standard web client/server certificates and server-server certificates? Our customer has asked for server-server and wants to know if this is different from generating public/private keys in the standard way for web connections. Thanks...more >>

Is it possible to authenticate user using a SQL database, containing users and passwords? What I want to achive is: I have as SQL database containig data for my app. This database also contains usernames, passwords and rights which are specific for my app. Also I have a middle tier WebService...more >>

We have an application running on one website. We want to co-brand it for multiple names. Is it possible to put multiple SSL identities on one site? ie: http://www.site1.com http://www.site2.com http://www.site3.com https://secure.site1.com https://secure.site2.com https://secure.site...more >>

I have as virtual folder on my machine which is set to accept only Windows Integrated authentication. Also I have added my local host in Trusted sites. When IE Security settings for Trusted Sites zone are set to automaticaly logon with the current username and password, the page won't open. Wh...more >>

Hi all I'm trying to set iis 6.0 on a w2k3 server. My test site's security is anonimous access + integrated windows. This site is very simple...just one html page. I have also granted the iis anonimous user account, credentials on the site's ntfs directory. After this i am still being asked to...more >>

Folks, I like to go through my IIS log and look for "hack attempts" and sometimes I report them to their domain's provider. Years ago I purchased a product called Neotrace, which allowed me to enter a website or IP address, and visually trace route it on a World Map, with a list of hops,...more >>

Have a virtual site which is set up for Integrated Authentication on Windows 2000 Server running in W2K natice domain. I can get to the website, however it is not prompting for logon I have modified the NTFS permissions to ensure that IUSR_Machine has read/change access in the appropriate ...more >>

Hello, Have found the tool hfcheck.wsf on the Microsoft but when I run it, it cannot find www.microsoft.com/technet/security/search/bulletins.xml Does anybody know whereto it has changed or if it still exists? Reactions please to: kratos_nl[without_this]@hotmail.com ...more >>

Hello, Have found the tool hfcheck.wsf on the Microsoft but when I run it, it cannot find www.microsoft.com/technet/security/search/bulletins.xml Does anybody know whereto it has changed or if it still exists? Reactions please to: kratos_nl[without_this]@hotmail.com ...more >>

I installed URL Scan 2.5 in one of my HTTPS Developement web server. In the ini file I edited to reflect to allow only GET, POST methods. Now how do I verify if the settings in the ini file are working? I would like to issue a verb like TRACE to test if the settings are in effect or not? How d...more >>

Hi, We have need to run server based .vbs files and other OS commands through active server pages i.e... Set oShell = Server.CreateObject("WScript.Shell") oShell.Run("c:\somecmd.bat",,True) Under Windows 2000 the EVERYONE group had read/execute rights against cmd.exe. Under 2003 this has...more >>

Hello, I've recently come across 2 situations where I have users who only access my internal domain through the web. The first situation is a domain user using OWA, the second is a domain user using a custom web site requiring authentication. This wasn't much of a problem until their pass...more >>

Hi, I have an WebService application running under a application pool. The appliction pool identity is set to a domain account. The authentication mode of the WebService is set to Windows Authentication(only). When I access the WebService, I get a dialog asking for user credentials. Inspit...more >>

Hi Can I use a Subordinate root CA as my certificate authority to set up SSL using IIS 5.0 and Certificate Service Wizard and then proccess my request through this Subordinate CA? Thanks...more >>

Is there an IISCertDeploy in IIS 5.0? I'm looking for some tool under IIS 5.0 that deploy SSL certificate. Thanks Sean...more >>