all groups > iis security > december 2004
Log on Locally user right for IIS Lockdown servers
Posted by <-> at 12/29/2004 4:31:55 PM
Hello,
We have a server that has IIS lockdown and basic authentication for a
website and when the server team applied a policy that restricted logon only
to administrators, no one was able to log into the application. The
application users are not actually logging in locally, so I am think... more >>
NNTP management disappeared
Posted by BigFish at 12/29/2004 2:20:49 PM
I have NNTP installed under win2k / IIS 5 with lockdown and latest sp's
installed. I can no longer view the NNTP branch under mmc / service manager.
I can see the NNTP under a similar 2k server with no lockdown. Does lockdown
remove / disable NTP management under MMC ? If not, what would ? How ca... more >>
IIS Lockdown 2.0 stops "Hit Counter" from Front Page from displayi
Posted by Jim Williams at 12/29/2004 12:55:01 PM
Hi,
I just ran the lockdown on my web server and all the Web Hit counters that
were generated by Front Page Webbot object stopped displaying. When I backed
out of the lockdown, they display properly again.
Can you tell me what I need to do after running the lockdown to enable this
webbot... more >>
IIS6 Application Pool - Unspecified Error / Service Unavailable
Posted by Colin Bowern at 12/29/2004 8:19:39 AM
Can't seem to figure out why the server is returning Service Unavailable to
the web browser and Unspecified Error for the application pool. It is using
a domain user account (member of IIS_WPG, temporarily added to Domain Admins
/ Administrators) and IIS is running on a domain controller. My... more >>
OWA and Parent Paths
Posted by dylan at 12/29/2004 7:43:09 AM
I have a W2K server with Exchange 2000 and IIS 5 running on it for
Outlook Web Access. When I ran the Baseline Security Analyzer, it told
me I had a problem with Parent Paths. When I followed the instructions
for fixing this problem (unchecking the enable parent paths check box
in IIS) when I ... more >>
Not getting correct 401-2 Access denied page
Posted by ashuattri at 12/29/2004 6:43:46 AM
I have implemented Integrated Windows Authentication on my site and it
seems to be working fine except one thing that I am not getting 401-2
Access denied (C:\WINNT\help\iisHelp\common\401-2.htm) page once the
user provides wrong credentials. Instead it displays the name of the
virtual directory (w... more >>
Digest or integrated authentication failure
Posted by Toddah at 12/28/2004 2:35:03 PM
Server = Domain Controller / DNS / IIS 6 / Sharepoint Services Site
Isolated domain to run IIS and Sharepoint service sites
Problem :
XP workstations = Digest and Integrated Credentials work fine
2003 Servers = Digest and Integrated Credentials work fine
W2K Workstation = Basic works fine , I... more >>
IIS Integrated / Digest Authentication failure issue
Posted by Toddah at 12/28/2004 2:25:02 PM
Hello,
I have a w2k3 server with IIS6 running a website and a Sharepoint service
site. I can log into the web or the SPS site with basic authentication turned
on but if I turn on Integrated or Digest I fail any attempt at
authentication from a Windows 2000 Workstation in the domain,
... more >>
Question on using IIS Lockdown 2.0
Posted by Toto at 12/28/2004 11:35:06 AM
Hi,
I've inherited a W2K + SP4 box with IIS 5.0 and IIS Lockdown 2.0 tool
installed.
Now I need to make changes to IIS configuration (create new virtual
directories and the like).
Is the following procedure the correct one to handle this situation?
- Run IIS Lockdown wizard to "un... more >>
IIS and out-of-process issue
Posted by Gilgamesh4Ever at 12/28/2004 8:56:17 AM
Hi there,
I've got an asp application which is hosted on IIS, running on W2K server.
I've got also an ASP page which is trying to create a Microsoft Project file by
creating an instance of object "MSProject.Application" object. Although the
MS project has already been installed on the web serve... more >>
Outlook Web Access security
Posted by dylan at 12/28/2004 7:49:33 AM
I have a Windows 2000 server with Exchange 2000 and IIS 5 running on
it. I have OWA set up on this server for out of office users as well.
I am trying to secure this system, so I ran the IIS Lockdown tool on it
and it did its thing without a hitch. Then when I run the Microsoft
Baseline Secur... more >>
SSL Cert Request Access Denied
Posted by Eric Renken at 12/28/2004 12:32:10 AM
I have a Windows 2003 server that is a member of a Windows 2000 domain, but
is not a domain controller. I am trying to create a SSL cert for it, but
when I go through the wizard to request a cert every time it gets to the
point of writing the certreq.txt file I get an access denied on the fina... more >>
IIS permissions
Posted by Jeff S. at 12/27/2004 8:11:02 AM
Hello,
What permissions are required to create web sites via IIS 5.0 Web Site
Creation Wizard? We have a group of web developers that we want to be able
to create and manage web sites, but don't want to grant them Administrative
access to the OS as we need to lock down a couple directories... more >>
SSL is very slow
Posted by Lynky at 12/23/2004 10:53:03 PM
Hello,
we are using SSL for our IIS5 (SSL key length 1024; Pentium 3.0GHz, 1024MB
RAM) for a short time. We only use it for a few applications. From inside our
company network the access on these sites is quite fast but from outside it
takes ages - We're talking about minutes to even show th... more >>
Get Login Name after the Prompt Login ?
Posted by Alex at 12/23/2004 5:03:22 PM
Dear all,
I would like to ask can I get the login name from the IIS Prompt
Authorization? If I can, how can I do this? by asp or..? Thank you for all
of your help.
Alex
... more >>
Integrated Windows Authentication Requires Double Logon
Posted by Bob Herman at 12/23/2004 3:51:02 PM
Hi:
W2K Svr., Active Directory, IIS environment.
I've set a web folder to Integrated Windows Authentication only. When
accessing the folder, Users must logon twice before page will load.
Thanks for any insight you may have!
Bob Herman... more >>
Set security options for website/web objects in VB code
Posted by Henry at 12/23/2004 3:35:01 AM
Hi,
how can I set security options for a website and for single objects of the
website in my VB.Net code?
Actually I have to write a patch program for some of our customer
installations that
1) disables the anonymous user access for all website objects
2) afterwards enables anonymous u... more >>
Free/Busy FTP Site
Posted by John Clawson at 12/22/2004 1:09:03 PM
I need to set up a Free/Busy info site, and allow users to delete their own
files, but no one else's. How do I set up security to allow this?... more >>
Redirecting Http:// to Https://
Posted by SJadmin at 12/22/2004 9:23:02 AM
I have a site that I want to make all users access via ssl (https). But I
don't want them to have to type it in manually. So if they type in
http://www.somedomain.com, then it would redirect to
https://www.somedomain.com.
I found KB article 839357 explaining the config for setting up E... more >>
authentication not working
Posted by aleiseh at 12/21/2004 1:39:03 PM
I'm running IIS 6. I've turned off enable anonymous access on my website and
virtual directory, but I'm not getting prompted for a password. I have Basic
authentication selected as the authentication method. I don't see anything
in the logs that will explain what is going on. Does anyone ... more >>
XP SP2 - Bug with IIS Windows Authentication?!
Posted by Pauli Peyker at 12/21/2004 12:12:55 PM
Hi
Did any of you find a solution for the problem in this Feed?
I have the Same Problem as Anil
http://groups.google.com/groups?hl=de&lr=&threadm=eLeeMnchEHA.1652%40TK2MSFTNGP09.phx.gbl&rnum=7&prev=/groups%3Fq%3D%2522An%2Berror%2Boccurred%2Bduring%2Blogon%2522%2B%2522Logon%2BProcess%252... more >>
Locked User Accounts On IIS 5.0
Posted by wallywombat at 12/21/2004 9:23:52 AM
Is there a way I can customize an http error message so that if the
user's account is locked out that it displays a message stating that the
account is locked out rather than the normal access denied message
(401).
Chad
... more >>
NNTP and IIS 6 and Integrated Windows Authentication
Posted by Chris at 12/21/2004 8:02:27 AM
I am trying as an experiment to set up a news server on Win2K3 with
IIS6 and NNTP. I figure that for the client reader to use windows
authentication I should set up permissions on the content folder for
the newsgroup. I am getting the following:
Error Number: 480
Code 800ccca2
Any ideas?
... more >>
Getting "The function requested is not supported" -IIS 6
Posted by luv2drum at 12/20/2004 8:12:59 PM
Hi,
I have a Server 2003 Standard Edition machine running IIS 6.0 (serving
static pages) that has two security templates applied: High Security -
Member Server Baseline and High Security - IIS Server.
This machine is configured to use Integrated Security. Everything works
fine until I app... more >>
.net passport password
Posted by SteveB321 at 12/20/2004 10:11:05 AM
I have been using the same password for msn messenger for about 4 years now-
yes, I prob should have changed it.
A couple of days ago it told me the password was incorrect- the only way
this could have happened was if someone else has changed it.
I have followed all the recommended ways fo... more >>
Password protect directory
Posted by Howard Hartman at 12/20/2004 9:44:25 AM
Hello.
I would like to password protect access to a specific directory on my IIS
server where the password is not the same as my domain user passwords. The
server is running on Windows 2000 (not active directory).
So far I have only foun... more >>
Need a Teacher on CA
Posted by ola_atb at 12/19/2004 9:17:05 PM
Hello all,
I have 2 Servers both running Windows 2003 Enterprise Edition. One server is
running Apache webserver and the other is running Exchange 2003 Enterprise.
My goal is to have reverseproxy working on the Apache to serve OWA.
I have also installed Microsoft CA Enterprise on my Primar... more >>
Header Referrer-based Filtering
Posted by Adam Baum at 12/19/2004 2:11:02 PM
Hello,
I am running several websites on IIS5 w/ all patches and the LockDown Tool.
With all but one website I am able to use either NTLM auth or IP filtering to
secure and limit access to the sites. The last site is the problem.
We have several off-site systems that provide services to rem... more >>
identify disabled users and bad passwords
Posted by Scilabop at 12/17/2004 1:23:47 PM
Hello,
We are using IIS5.0 and integrated windows authentication to protect network
resource.
The system takes both disabled accounts and bad username and password pairs
as HTTP401.1 error. My task is to distinguish these errors, and then take
corresponding actions. But I have problem to retr... more >>
SSL certificate + Integrated Authentication in IIS 6
Posted by KRG123 at 12/15/2004 9:35:02 PM
Hello All,
I need a little help to confirm a desired configuration to ensure Web Site
security. Please have a look at my current understanding from documentation
and provide advice:
---Windows Integrated Authentication: Utilizes credentials of the user
network logon process. Hashes the... more >>
Multiple IIS Servers with Client Certificates
Posted by Mark Pfeifer at 12/15/2004 9:03:58 PM
Does anyone have any suggestions on how to provide an SSO solution with
multiple IIS Servers and client certificates.
1. I would like to require a client certificate but not have the user select
a certificate each time they hit a server in our "enterprise" (same domain).
2. Also, I would l... more >>
"Access denied" on IIShelp
Posted by M Stepien at 12/15/2004 1:09:03 PM
I installed IIS 5.1 on XP PRO SP2. When I go to
http://localhost/IIShelp it displays message "HTTP 500 internal server error".
In my system log I have like this: DCOM server can't be started: DCOM:
{99169CB-A707-11D0-989D-00C04FD919C1} as /IWAM_STAT108.
Error "Access denied"
occurred du... more >>
Assigning a Certificate to non standard TCP port 8080 instead of 8
Posted by Ralph Devlin at 12/15/2004 6:51:03 AM
I am trying to create and assign a certificate for use with port 8080 instead
of 80. When I create the certificate it works great with port 80. but if I
change the assigned TCP port to 8080 I get the page cannot be displayed.
other functions of the website work that I have set to not require 1... more >>
SSL Connection establishment and load test
Posted by Eric at 12/14/2004 7:17:57 PM
Hi
I am loadtesting a .net web-service deployed under IIS 6.0 on a Win 2003
Server.
I have a multi-threaded client application running on a workstation calling
methods on the web-service.
Using SSL makes connection establishment more expensive due to an increased
exchange of data.
How... more >>
Handling both 128 bit https and http but not 40,56 bit https
Posted by a at 12/14/2004 6:38:39 PM
Hi
I have an application where certain parts (web services) are required to use
128 bit https (40 or 56 is not enough) and certain parts (web services) are
required to use http.
How do I configure this. As far as I can see I can only make a configuration
such that
1: all parts are using ... more >>
Client certificate problem
Posted by Felix Planjer at 12/14/2004 11:04:23 AM
Hi,
We're developing an application that will run on IIS 5, with server and
client certificates. I have some issues setting this up.
We have our own Certificate Authority installed (separate box) and
generated a server certificate for our webserver. HTTPS works fine.
Then, we generated ... more >>
How does IIS6 handle %5c or "\"
Posted by Himanshu at 12/14/2004 7:51:02 AM
Hi,
When I try to access a URL with %5c, it automatically is reflected as "/"
in IIS logs?
Does IIS 6.0 treat this specially as a security enhancement?
Any pointers appreciated.
Thanks
Himanshu... more >>
IIS5 Passive FTP Networking problem (long)
Posted by WinGuy at 12/14/2004 4:42:00 AM
At the end of this message is an abbreviated Ethereal capture that shows the
passive FTP problem that I have. Networking isn't really the issue but it is
a victim if I can not configure IIS5 FTP Service to identify (spoof) itself
during a passive FTP connection setup the way that I need for it ... more >>
IUSR_* write permissions dangerous?
Posted by A. Håkan Wennerberg at 12/13/2004 3:02:25 PM
If I have a folder within my website where the IUSR_* user has full
access (to allow file creation using FileSystemObject). Are my files
secure so that no one may alter them other than via ASP pages and such?
Regards,
Håkan Wennerberg... more >>
How to? Certificate Server 1.0 root certificate renewal
Posted by Craig Humphrey at 12/13/2004 11:00:56 AM
Hi People,
OK, so first up, yes, we still have a legacy WinNT4.0SP4 system with
Certificate Server 1.0 as our primary CA. While we are in the middle of a
project to upgrade to Win2003 and its CA, we're not there yet and our
current CA cert is going to expire early next year.
I'm trying to... more >>
IIS6 log file permission
Posted by Claus Pedersen at 12/13/2004 9:20:05 AM
Hi Everyone
By default IIS 6 Logfile ACL list is as mentioned here:
http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_LOG_2.mspx
Is there any way to change which users are granted permissions on
logfiles??
Best regards
Claus Pedersen
... more >>
strange thing with request.Form and anonymous login
Posted by Laurent Bertin at 12/13/2004 3:15:01 AM
Hi i got a strange problem but it's true i don't make thing like anyone...
First Config:
+ IIS5.0 SP2 (yes i know...)
WebSite Security
Root : Digest Authentication, NT Authenticated
SubFolders : Anonymous Login
Anonymous login is set to use a domain user to enable a sql server
authent... more >>
Multiple Site Security, IIS 6.0 Windows 2003, Login Problems
Posted by bob NO[at]SPAM dole.com at 12/11/2004 4:51:02 PM
Ok,
I have an IIS 6.0 running on Windows 2003.
I have several web SITES hosted like the following:
site1.myserver.com
site2.myserver.com
site3.myserver.com
I want to create permissions such that each site has a unique set of users.
So I set up 3 local user accounts:
User1
User2
User3
I tu... more >>
Visual InterDev cannot connect to IIS website (with FPSE2002) Help!
Posted by Vsevolod Ukrainsky at 12/10/2004 9:24:40 PM
Hello!
1. I have Visual InterDev installed on my machine (VS SP5)
2. At the corporate firewall I defined a rule "me to any destinations" (in
advance, I would exclude ISA Server 2004 Standard Edition from
causing this problem in any way).
3. On my web server IIS 6.0 (with FP Server Extensi... more >>
IIS and out-of-process issue
Posted by Gilgamesh4Ever at 12/10/2004 3:15:46 PM
Hi there,
I've got an asp application which is hosted on IIS, running on W2K server.
I've got an ASP page which is trying to create a Microsoft Project file by
creating an instance of object "MSProject.Application" object. Although the
MS project has already been installed on the web server, IIS... more >>
Verisign SSL Cert Stopped working after windows Updates
Posted by Paul -- Whitmont at 12/10/2004 3:11:05 PM
Hi all,
I have found lots of discussion groups about this, but no real answer that
relates to my problem... I'll try to be as descriptive as I can.
Here is the scenario.. 2 months ago, I bought an SSL certificate from
Verisign.. Installed, setup and working without problem on a Windows 2000... more >>
anonymous access and integrated windows authentication
Posted by isunshine at 12/10/2004 1:31:03 PM
I noticed that when both Anonymous Access and Integrated Windows
Authentication are enabled, AA takes priority over IWA. Is there any way I
can reverse that order? I have some functionalities available for the users
who have been authenticated through IWA. If they are not authenticated, then
... more >>
Where to look for IISLockdown 2.0 configuration
Posted by Toto at 12/10/2004 6:41:04 AM
Hi,
I have a Web Site running on W2K w/SP4 and IIS 5.0. The IISLockdown 2.0 tool
is installed.
I'd like to have a live backup for this system, so I installed another box
with W2K w/SP4, IIS 5.0.
Now I'm about to install IISLockdown and would like to know from where I can
take the cur... more >>
How to ask for password every time my web page is loaded ?
Posted by Elga at 12/10/2004 5:09:01 AM
I created a website in my Win2003 server, only for my clients.
I don't allow anonymous login, then the user is prompted to enter his user
name and password, when he types my URL in the browser.
However, if he goes to another site, and then returns to mine by clicking
Back or Forward buttons, m... more >>
Authentication problem
Posted by Jonny Bergdahl at 12/9/2004 6:57:20 PM
I have a web site set up for Basic authentication only, with a default
domain set up:
1. When a user tries to log on using his account name the server refuses
access.
2. When the user uses the user@domain format the server refuses access.
3. When the user uses the domain\user format the server grant... more >>