Problem:

When IUSR tries to logon to the FTP server, the attempt is unsuccessful.
Errors are logged in the Event Viewer Security and System logs.


Configuration:

Windows XP Pro
Service Pack 2 beta
IIS 5.1
IIS Lockdown
Local Security Settings -> User Rights Assignment:
Access this computer from the network -> Authernticated Users,
IUSR_Computer1, IWAM_Computer1, Administrators


Security Log:

Source: Security Category: Logon/Logoff
Type: Failure Audit Event ID 533
User NT Authority\System

Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: IUSR_Computer1
Domain: PEACE
Logon Type: 3
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: Computer1

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

System Log:

Source: MSFTPSVC Category: None
Type Warning Event ID:100
User: N/A

Description:
The server was unable to logon the Windows NT account 'IUSR_Computer1' due
to the following error: Logon failure: user not allowed to log on to this
computer. The data is the error code.
For additional information specific to this message please visit the
Microsoft Online Support site located at:
http://www.microsoft.com/contentredirect.asp.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Thank you for your help.

On IIS v5.1 (Windows XP). IUSR_<machinename> needs to be able to "Log On
Locally" if you want that account to be impersonated by the FTP Server. If
you have removed that right, then IUSR_<machinename> will not be able to be
impersonated by the IIS FTP Server.

Cheers
Ken

[quoted text, click to view]
: Problem:
:
: When IUSR tries to logon to the FTP server, the attempt is unsuccessful.
: Errors are logged in the Event Viewer Security and System logs.
:
:
: Configuration:
:
: Windows XP Pro
: Service Pack 2 beta
: IIS 5.1
: IIS Lockdown
: Local Security Settings -> User Rights Assignment:
: Access this computer from the network -> Authernticated Users,
: IUSR_Computer1, IWAM_Computer1, Administrators
:
:
: Security Log:
:
: Source: Security Category: Logon/Logoff
: Type: Failure Audit Event ID 533
: User NT Authority\System
:
: Description:
: Logon Failure:
: Reason: User not allowed to logon at this computer
: User Name: IUSR_Computer1
: Domain: PEACE
: Logon Type: 3
: Logon Process: IIS
: Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
: Workstation Name: Computer1
:
: For more information, see Help and Support Center at
: http://go.microsoft.com/fwlink/events.asp.
:
: System Log:
:
: Source: MSFTPSVC Category: None
: Type Warning Event ID:100
: User: N/A
:
: Description:
: The server was unable to logon the Windows NT account 'IUSR_Computer1' due
: to the following error: Logon failure: user not allowed to log on to this
: computer. The data is the error code.
: For additional information specific to this message please visit the
: Microsoft Online Support site located at:
: http://www.microsoft.com/contentredirect.asp.
:
: For more information, see Help and Support Center at
: http://go.microsoft.com/fwlink/events.asp.
:
:
: Thank you for your help.
:
: