Hi, The pages on our IIS are a mix of ASP and documents (PDFs, Docs, Excels etc). The ASP pages are secured using a session. The session is set only at the login page after proper authentication of the ID and password. The interior ASP pages check for the session and display only if th...more >>

What is the cause of this error?...more >>

I was quite familiar installing, renewing & replacing certificates in IIS 4.0, but I having trouble with IIS 5.0 certificate wizard. I have an existing Verisign certificate expiring on the 28th, but I'm not able to easily renew because the organization name of the corporation has change since ...more >>

I am getting the following error when using the IIS password change site. Normally I can change the password fine but occasionally my users get this -2147023569 error returned. Has anyone seen this or know what it is? NT 4.0 domain SP6a Thanks, Fred ...more >>

I have a client who is trying to load IIS Users from a CSV(textfile) of names. They are looking at using some template to do the work. The client has over 500 names to create IIS Users. Is there a template or batch process that can be used to automate the procedure. Thank You for your Hel...more >>

HI my name is Jon and I have been having troubles deleting certain internet links off my desk top... they always come from the same places... webforhumans.com, about-blank.biz, and idgsearch.com.... every time i log onto my computer these icons pop up onto my desktop, I delete them and then ...more >>

HI my name is Jon and I have been having troubles deleting certain internet links off my desk top... they always come from the same places... webforhumans.com, about-blank.biz, and idgsearch.com.... every time i log onto my computer these icons pop up onto my desktop, I delete them and then ...more >>

I have URLSCAN on our production server. When I use site manager to do a manual import to the production server, URLSCAN appears to be blocking it due to the limits set by MaxAllowedContentLength. I tried increasing MaxAllowedContentLength to an extremely large number but it did not help...more >>

Hi, For security reasons, we would like to disable the IIS on all our Win2K Server machines that don't use it. How do we disable/disconnect it? Could we remove it completely? Does disabling or removing it cause any problems? Thanks...more >>

win2k adv serv/ iis5.0 this my first web site, this is my thinking for security for an application that needs to write, copy, and delete flat files over the internet the 1 and only basic internet user acct has privileges to write new flat files to one directory, directly beneath the std inetpu...more >>

We are preparing new server in advance so that the website down time will be minimium. We export and import the SSL certificate from production server to the new server. Everything is fine but when browse to the website on new server, we get an error saying the certificate is not valid or...more >>

I've setup a Certificate Authority on W2003. I receive "Failed to create 'CertificateAuthority.Request' object" when I try to "Download CA Certificate". Any Idea? Thanx. ...more >>

Dear all, We'd like to setup an .NET framework on IIS 5.0. During the installation of the framework the ASPNET account will be created. My question now is, does this user has to be in the admin group if the .NET framework will be used as WebService? Thanks for your help! Cheers, Karin...more >>

I have created a site with ASP (Active Server Pages). That requires a login validated by an Access database. There is a file that I wish to be accessible for download only by registered subscribers. All my ASP pages check for the Userid/Password variables that I have set up, so a non-subscriber ...more >>

I am running IIS 5.1 on XP Pro and running into an issue with an asp page this is trying to create an XMLDOM (see code snippet below). I get an error that object is required. After quite a bit of trial and error I think it is a security issue. If I change the IIS App to logon with windows (not an...more >>

In my attempts to nullify my stupidy w/ ISS & SSL (hence 9 diff. cert. req.) I made more of a mess than I needed to. My ? being: Is there a way to 'cleanup' the Cert. Server & remove/delete/nuke the other 'available certificates'?? Any help is appreciated. David D. (Network Engineer - M...more >>

Administrator can log onto OWA over internet. A regualr user cannot. The regular user and Administrator can log into Outlook client. What the heck is wrong? I'm using Windows 2000 Server and a single Exchange 2000 Server both of which are my PDC. Software is vanilla installations. T...more >>

Please help me, I've spent over 3 hours on the phone with Microsoft and they cant seem to fix my problem. My brother was looking at porn sites over the holidays and now my Internet Explorer Favorites are of kiddie porn sites and even though I have deleted them ran spyware etc and they sti...more >>

I have only my original certificate request file, and the response file from the certificate issuer. How can I use this to reinstall the certificate in IIS 5.0? Alas, I did not back up the originally installed certificate as a .pfx or .key. Thanks for any help.......more >>

We recently upgraded to IIS 6.0 and Windows 2003 server and every since we've upgraded we've been having an issue with authentication. The web site in question is supposed to allow anonymous access, but from time to time it will prompt for a username and password as if authentication was turned ...more >>

Hi all, I have an ISAPI filter that determines a user's permissions from the ACL of a file using the 'AccessCheck' API call. This works fine on all of the platforms except Windows 2003 server, where I'm having a strange problem. The AccessCheck call is failing for users that are members of th...more >>

How do I stop this from popping up on my computer??...more >>

Hello all, I tried my best but could not find a solution for subj. There are instructions for generating test cert signed by default test root or signing with commercial CA like Thawte, Verisign etc., where actual request process depends on a provider. But I need something in between. What...more >>

First some history, I have a web server running IIS5. On a windows 2000 server, all service packs have been installed. currently this server is standalone with the exception of ports open on the firewall to a SQL server on the local network. By stand alone I mean, it is in its own littl...more >>

Hello, I have users that ftp up to our web server complaining that there changes are not being noticed immediately. Can anyone point me in the right area to decrease the time it takes for the server to recognize the change to a page. Thanks in advanc Joe Hodosky...more >>

Hi. I'm struggling with authentication and Soap Toolkit 3.0 under IIS 5 on W2K. I've written an ASP web service on an IIS machine, say A, that has a client on an IIS machine too, say B. Both machines A and B can be the same or distinct ones. Consider both machines are part of the same domain f...more >>

hey, i am really new at this, so go easy on me. i found a lot of articles on how to specify ntfs permissions on win2000 but this can't be applied on xp pro. does someone know what i have to do exactly to get rid of these 401.3 no permission errors for iis on WIN XP PRO; with desperate gr...more >>

Hello all, Does anyone know if it is possible to tell IIS to accept any client certificate (even self signed and not trusted). We have to do custom authentication of legacy system, which uses self signed certificates without "client" usage specified in certificate. Alternatively is it possi...more >>

I have set up authenticating for my website, but no matter what method I use I am not able to access the site from outside the LAN. I guess that it is a problem with the ports on the firewall. Which ports does the different authenticating metods use? Frode Brean Sorken ...more >>

I have a IIS server running on Windows 2000 SP4. I've accidentally deselected the 'Allow IIS to control password' option and deleted the IUSR_machine password in the Anonymous User section of Internet Service Manager (the hazards of using terminal services for management). Now everytime...more >>

The last few times we restarted our Windows 2000 Advanced intranet server a "Web" catalog was auto-created. Even though we deleted it keeps coming back. If anyone knows what process is creating this catalog please let me know. Thanks, Kirk...more >>

hey guys. im mark from the philippines. i really need your help involving my internet explorer. everytime i try to surf the net using internet explorer, the page of www.hugesearch.net always appears. it is not my default page and i already checked if it is spoefed. if i type www.cnn.com in...more >>

I contract worms before I can get the patches to stop these worms. I have tried disabling services, and getting SP4 and security updates, but still end up getting hit with codered or nimda, etc. I have a virus scan running (although its very ineffective, obviously) Any suggestions on qui...more >>

Hi All, I have an IIS 5.0 server sitting in my DMZ. I can access the default site via the IP address but when I use DNS to resolve the name the page cannot be displayed. Any help would be appreciated. Thanks....more >>

Hi, on my Win2003 server I want to use digest authentication to enable internal web sites to be reached over the web. It works, but to log on once is by far not enough when I work with my sites. I have to log on permanently....so it is nearly impossible to work with this setting. The sam...more >>

Hi guys, I am working for an asp app with the use of sql 2000, COM+ and iis 5.0. In part of the solution, some files (lotus notes related) will put in a folder that need a higher security and so I only granted the right for certain NT auth. user to access. I need a method to let the user ...more >>

What are the minimum number of ports needed for a dedicated public web server. W2K3 with IIS6. Below are the services I will be needing with the ports I'm aware of: HTTP: TCP 80 HTTPS: TCP 443 FTP: TCP 20 TCP 21 SMTP: TCP 25 POP3: TCP ...more >>

I am setting up a WebServer on a Windows 2000 Pro Machine running IIS. The website is running fine. But, I need to access a database on my SBS2000 Server system through the web page. I am unable to access the SBS system using the IUSR_Webserver user in any way. Even after verifying the...more >>

I've upgraded the W2K IIS5 box with some sites on it. The box had the URLScan 2.0 installed, and IIS Lockdown tool ran, prior to the upgrade. I've removed URLScan 2.0 after the upgrade. My question is: How come I don't have the "Security" option when I right-click the server name in the IIS M...more >>

Hi, our WinNT4 SP6a, IIS4 server has suddenly stopped requesting/accepting client certificates issued by our CA. The only things that have changed since I last saw it work (pre Christmas) are: A bunch of patches: Root Certificates Update Enabling the PIP_CREATE_INSTANCE flag for non-admin...more >>

When I am on the internet, periodically I recieve a message that says something about that system shutting down and it allows me 1:00 minutes to save any open files. It says something about NT Authority/System, but I don't use Windows NT, I have XP. It also says something about an RPC serv...more >>

The FBI has been harassing and mentally torturing me for two and half years since around Oct 01. The FBI has installed gps tracking devices in my car, tracked me like an animal, wire tapped my phone and has been monitoring all my web surfing activities for 2.5yrs and completely dehumanize...more >>

I have IIS 5.0 on an SBS server, running web access to a couple of applications (Exchange and ACT) both of which have their own security system. I have another, seperate directory (I'll call it Stuff) that contains files that I wish to make accessible to only certain people by use of a use...more >>

Hi all, I develop an intranet on a server that was recently upgraded from W2K to WSK3. I use integrated authentication for this intranet so I can give users some personalized content and selective access to protected areas. After the upgrade, the IT people who run the server played aro...more >>

Hello, Under this message I have copy-paste some logfile lines. Can somebody tell me what this means? Am I hackt? And what can I do about this? Thanks! Arjen #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2004-01-06 07:55:43 #Fields: date time s-s...more >>

What are the "out-of-the-box" vulnerabilities of IIS6? Specifically, a dedicated web server connected directly to the Internet through SDSL. W2K3 Standard and IIS6 freshly installed, html (SSI, CGI scripts), ftp, smtp (and POP3), and public DNS service. Multiple IP numbers, so ICF cannot be us...more >>

Please tell me how to configure the IIS application mappings using Custom action in the setup projects. I am using Custom action(installer class)to create a virtual directory and i have to set the application mappings to that virtual directory for .jpg extension. Please help me....more >>

Hi. I'm new to IIS. I'm going to be using W2K3 as a print server for my users. I have seen IIS 5.0 under W2K make printer installation quite easy, so I intend to use the same under W2K3 and IIS 6.0. So, for using IIS just for this one task, how can I lock it down to not permit anything else...more >>

i can access my virutal dir. my client cannot he was first receiving 401.2 error not hes getting access denied does anyone know what the problem could be...more >>

I am planning on deploying a fairly unsophisticated web application using ASP. The app will read a user's record from an Access database stored on the web server (the database file will not be anywhere within wwwroot), display the contents of the record (in a pre-filled out form) to the user, a...more >>

When Verisign issues an SSL certificate for an IIS Server (any server), the certificate is associated with an Intermediate Certificate Authority (CA). There must be a corresponding, valid Intermediate CA certificate on every web browser that wants to have an SSL connection with the server. I ...more >>

I'd like to block msn messenger from my iis5 server config. Is this possible and how do I go about this? Thanks....more >>

Hello I have been putting off renewal of a web server cert on w2003 server- figuring I am missing the obvious. Time is running out so I need to ask for help. The Thawte folks want me to generate a new CSR. Following every set of directions I can find, I open mmc and dig about and find my existi...more >>

Does anyone know how to get the exact time that a website was visited you used to be able to in the older ver. Thanks Dave W...more >>

I am trying to run the Q319733 Roll Up Package on one of my servers. When I try to install it I get a message stating "The service pack running is newer than the patch...". Is there a newer version of the update that I can download and run that will work ? Thanks In Advance of your help. ...more >>

Can someone point toward instructions on how to set up an ldap authentication configuration? We have an external ldap data source of usernames and passwords. We need a web site to authenticate against that. Thanks Bill...more >>