Hi I am loadtesting a .net web-service deployed under IIS 6.0 on a Win 2003 Server. I have a multi-threaded client application running on a workstation calling methods on the web-service. Using SSL makes connection establishment more expensive due to an increased exchange of data. How...more >>

Hi I have an application where certain parts (web services) are required to use 128 bit https (40 or 56 is not enough) and certain parts (web services) are required to use http. How do I configure this. As far as I can see I can only make a configuration such that 1: all parts are using ...more >>

Hi, We're developing an application that will run on IIS 5, with server and client certificates. I have some issues setting this up. We have our own Certificate Authority installen (seperate box) and generated a server certifictae for our webserver. HTTPS works fine. Then, we generated ...more >>

Hi, When I try to accecss a URL with %5c, it automatically is reflected as "/" in IIS logs? Does IIS 6.0 treat this specially as a security enhancement? Any pointers appreciated. Thanks Himanshu...more >>

At the end of this message is an abreviated Ethereal capture that shows the passive FTP problem that I have. Networking isn't really the issue but it is a victim if I can not configure IIS5 FTP Service to identify (spoof) itself during a passive FTP connection setup the way that I need for it ...more >>

If I have a folder within my website where the IUSR_* user have full access (to allow file creation using FileSystemObject). Are my files secure so that no one may alter them other than via ASP pages and such? Regards, Håkan Wennerberg...more >>

Hi People, OK, so first up, yes, we still have a legacy WinNT4.0SP4 system with Certificate Server 1.0 as our primary CA. While we are in the middle of a project to upgrade to Win2003 and it's CA, we're not there yet and our current CA cert is going to expire early next year. I'm trying to...more >>

Hi Everyone By default IIS 6 Logfile ACL list is as mentioned here: http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_LOG_2.mspx Is there any way to change which users that are granted permissions on logfiles?? Best regards Claus Pedersen ...more >>

Hi i got a strange problem but it's true i don't make thing like anyone... First Config: + IIS5.0 SP2 (yes i know...) WebSite Security Root : Digest Authentication, NT Authenticated SubFolders : Anonymous Login Anonymous login is set to use a domain user to enable a sql server authent...more >>

Ok, I have an IIS 6.0 running on Windows 2003. I have several web SITES hosted like the following: site1.myserver.com site2.myserver.com site3.myserver.com I want to create permissions such each site has a unique set of users. So i setup 3 local user accounts: User1 User2 User3 I tu...more >>

Hello! 1. I have Visual InterDev installed on my machine (VS SP5) 2. At the corporate firewall I defined a rule "me to any destinations" (in advance, I would exclude ISA Server 2004 Standard Edition from causing this problem in any way). 3. On my web server IIS 6.0 (with FP Server Extensi...more >>

Hi there, I've got an asp application which is hosted on IIS, running on W2K server. I've got an ASP page which is trying to create a Microsoft Project file by creating an instance of object "MSProject.Application" object. Although the MS project has already been installed on the web server, IIS...more >>

Hi all, I have found lots of discussion groups about this, but no real answer that relates to my problem... I'll try to be as descriptive as I can. Here is the scenario.. 2 months ago, I bought an SSL certificate from Versign.. Installed, setup and working without problem on a Windows 2000...more >>

I noticed that when both Anonymous Access and Integrated Windows Authentication are enabled, AA takes priority over IWA. Is there any way I can reverse that order? I have some functionalities available for the users who have been authenticated through IWA. If they are not authenticated, then ...more >>

Hi, I have a Web Site running on W2K w/SP4 and IIS 5.0. The IISLockdown 2.0 tool is installed. I'd like to have a live backup for this system, so I installed another box with W2K w/SP4, IIS 5.0. Now I'm about to install IISLockdown and would like to know from where I can take the cur...more >>

I created a website in my Win2003 server, only for my clients. I don't allow anonymous login, then the user is prompted to enter his user name an password, when he types my URL in the browser. However, if he goes to another site, and the returns to mine by clicking Back or Forward buttons, m...more >>

I have a web site set up for Basic authentication only, with a default domain set up: 1. When a user tries to log on using his account name the server refuses access. 2 When the user the user@domain format the server refuses access. 3 When the user uses the domain\user format the server grant...more >>

Hi- Never configured SSL on IIS 6.x before. I've set up a site and enabled SSL. I have created a local cert authority on another internal server and have installed the certificate on web server. (Servers are all Win 2003 Standard...clients are all XP SP1 & 2) SSL appears to work okay, when I hit...more >>

I am using selfssl to create certs to test a multiple secured virtual server. I will need to have multiple certs on the one machine. When I create one cert with default it uses Site ID 1. When I try to run it again for the second cert is always fails when I try a number other than 1. Using 1...more >>

Hi, I have a test site running on an ISP's system. We keep getting a 403.4 error (SSL) when we attempt access any file or even a non-existant file in a subdirectory called /secure. We do not get these error in other subdirectories. The ISP claims there is no SSL certificate on the accoun...more >>

I am trying to get two virtual servers running on IIS but am having a bugger of a time. I can get either one working but not both. I've tried custom ports. My redirects to htts are working, but I can follow the redirect to an app. I know my setup and certs are ok on each because each will wo...more >>

I just installed SP2 on my machine and now my web applications don't work. It says, " You are not authorized to view this page" So I add the ASPNET user and IUSR_COMPNAME with explicit permissions to the directory. I also did the security wizard and selected "Public Site" and told it to re...more >>

I have a Certificate Server set up on one of my domain controllers and am trying to run an SSL enabled web server on the same server (on port 90 because there's a different web server running on port 80 on that server as well). When I try to access the website though (https://yadda:90) my browse...more >>

Windows XP, SP2, IE 6.0 SP2 128bit, IIS 5.1, Symantec Antivirus 9.0.0.xxx When I connect to "http://localhost/localstart.asp", it works (as installed). When I connect to "http://<machinename>/localstart.asp", it works. When I connect to "http://<machinename>.<domainname>/localstart.asp", it p...more >>