Hi, We are trying to use Digest Authentication on IIS 6.0. The IIS server is in a dmz. The home directory for the default web site points to a share located on another Win2003 server residing inside the network. We opened the required ports inbound on the firewall and were able to access the sha...more >>

In Windows 2000, there was an Operators tab when you chose Properties for a Web Site. In Windows 2003, it seems to have disappeared. I want to give some user limited admin rights on Web site management, without giving them Admin rights to the entire system. What can I do? ...more >>

I am trying to find a way to audit the file permissions the iusr and iwam accounts have on an IIS server. Can anyone recommend a tool that I can use to show me what files these two users have "write" permissions to. I have tried using subinacl /subdirectories x:\*.* /accesscheck=iusr _...more >>

Dear All, one of my experiences was VMS operating system from which NT/2000 belong to, and one of security's features was logon's number setting per username, so if I perform a logon with a set of user/pwd another with the same set of user/pwd elsewhere in the world cannot perform a logon unti...more >>

after i installed the winxp sp2 rc2, can't get access to the local host even i have configured the windows firewall to open port 80 for www service. I am sure there will be a lot of people experience the same problem. Any suggestion will be appreciated. ...more >>

My home pc freezes up everytime I try to launch internet explorer. I run windows 98 on my PC....more >>

ok, this is weird (and annoying) i changed the deault document in the default web site... and now my authentication is all screwed up. changing it back didn't help. when browsing from the server itself - if i type in localhost, i'm ok - if i type in the machine name, i'm ok - if i typ...more >>

I have just been going through the IIS logs on one of my websites, and I have noticed that someone has been attempting to obtain access to the config pages for the FP extensions on that site. Other than using a uid/pwd, is there some other way to prevent outside access? ...more >>

When I try to export one of my SSL certificates, the option to export private key is disabled. Server is running W2k, SP4.0, IIS 5.0. Do I need to request a new cert to move it to another machine? Does this indicate we messed up the original installation of the cert? Any help is ap...more >>

Scenario: There are 2 servers. server1.domain1.microsoft.com and server2.domain2.microsoft.com. There are 2 users. domain1\user1 and domain2\user2 I need to provide Digest Authentication at both the servers. Both the servers are Windows 2003 Server. Users have a valid Windows user account...more >>

I have ISA running on win server 2003. I have loaded all the service packs and still i get an error 721 (remote computer did not respond.) I can connect VPN from internal LAN but cannot connect via the internet. My question is which computer did not respond ISA or my network server? and ho...more >>

I have just recently set up IIS Server Windows 2k advanced server. The server has 16 IP addresses assigned to it in a class c with a subnet mask of 255.255.255.0 (I guess this is obvious) for each of the proposed web sites and e-mail server and DNS. I was given 2 DNS address from the ISP (...more >>

We have a 1-server environment that we just upgraded to Windows 2003 Server from Windows 2000. It is a Domain Controller and is running Exchange 2003. When we upgraded IIS, it now prompts for a username and password. Anonymous Access is enabled for the website in question. Is there a...more >>

When I try to open a aspx page I get a login dialog and after I fill the user name and password I get : "Unable to find script library '/aspnet_client/system_web/1_1_4322/WebUIValidation.js'. Try placing this file manualy, or reinstall by running 'aspnet_regiis -c'. This file is there, I put on ...more >>

I recieved an email today of a man whom calms that he is a bank manager and has excess money is his bank and if i want it to send my bank details etc... and he will send me the money.i think this is a scam,who would i pass this information onto to sort itout. thanks mrs suzannah gaize...more >>

Hi, I've one system in which Active directory is installed. That system is the domain controller as well as web server - A test machine. Trying all following to Authenticate Users using VB as well as ASP. I need ASP solution (and no component required etcc..). Things seems to work fine b...more >>

I created company's intranet in ASP.NET, hosted on windows 2003. We need to capture windows account user - who accessed the application. We dont want employees to login to intranet. Many months I still can not figure out how to get user. I can get only IP address in a code, but it is not enough. AS...more >>

Hello, Problem: When I attempt to access any page secured with Integrated = Windows Authentication, I first get prompted for my = username/password/domain. If I just hit "ok" to this box (entering no = credentials), I get authenticated. I have no anonymous/basic/digest authentication enab...more >>

Hello, For security purposes I would like to know how to disable the back button in the browser and/or expire the page similar to an online banking institution does. e.g. when you hit the back button in the browser it gives the warning that page has expired. Thanks Joe...more >>

I need to know if there is a way to disable the login prompt you get from IIS when you a have site set to Integrated Security? We have an Intranet and will turn on Integrated Security, but if they are logged onto their local machines instead of the domain then we do not want the prompt to come...more >>

Hello, I am devoping a site that will be accessed by internal personnel only. I have turned on Integrated Windows authentication which is doing a fine job of authenticating against the AD. Currently any domain user can access the site if proper credentials are supplied. What I need to do...more >>

Can IIS 6 utilize the "UseHostName" metabase entry like IIS 5 did? This entry could be added to an IIS 5 server to stop it from revealing it's IP address (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/iis /ref_mb_usehostname.asp). By default, will IIS 6 reveal it'...more >>

I am very new to IIS, but I have been using FrontPage for some time. This is the first time I am trying to let others in my company access a web site that I am "hosting" on my own PC (XP Pro). I can access the site on my own PC and on PCs connected to my LAN. I can not access the site from remote lo...more >>

Hello I m geting The Following Error Message please I m able to execute the HTML PAGES but not able to run ASP pages... I have win2k server , ADS , IIS5.0 , framework 1.1 on my PC. Help ME........... executing my asp page say: internal server error 500, While in event viewer it says:- ---...more >>

Hello I m getting the Following on my machine in Event Viewer... can any body Help me ... but please guide me to the right way...........:) --------------------- Event Type: Error Event Source: DCOM Event Category: None Event ID: 10004 Date: 16/06/2004 Time: 14:36:48 User: N/A Compute...more >>

Hello guys and gals I wanted to know if anyone would be so kind as to give me some code to force SSL rediresct on a page instead of "bouncing' it off of another page. thanks very much Joe...more >>

For some reason, Microsoft does not address trojans and spyware. I have had the IST toolbar infect my explorer browser and had to switch to Netscape. Microsoft does not care because they think that they have the only operating system but Linex is on the horizon and if you guys piss me off one m...more >>

Gidday On my Windows 2000 Server (SP4) I need to change a setting on the Virtual Directory TAB. I got an IIS WWW configuration "User/Password validation failed" error message. I did change to Application Protection to High, Isolated when I got this issue. I can change the setting to Medium, P...more >>

I have a windows 2003 server domain created. I have created a secure certificate, but I can't get it to show in the approved certificates in Certificate Authority. How do I get it to show up? Thanks....bho...more >>

I am trying to write an ISAPI filter to insert the Authorization: Basic aXRkb2VzbnR3b3JrOnBsZWFzZWhlbHA= header into the HTTP request so that users who have already authenticated into another system do not need to reauthenticate when navigating to another application that requires Basic au...more >>

I've found a few articles on ISAPI Filter issues with IIS 4.0 and IIS 5.0. Does anyone know what the setting should be for IIS 6.0? It is located under web site/properties/isapi filters......more >>

i get this message when I try to access a website that I have just implemented SSL on. I can access the site just fine in an unsecure mode. When I require SSL, I get the message int he subject line. I've assigned a static IP and verified the DNS entry for the server. I've checked the set...more >>

i can't seem to stop the pop-ups from popping up although i have them set to block. they come from internet explorer. i have contacted aol and they said i needed to contact microsoft. i am kind of computer illiterate ( not completely) but i can't seem to figure out how to stop them. can an...more >>

NT4 IIS4 I am suddenly experiencing a problem where the server variable logon_user always returns '(domain name) \Administrator' for 1 particular user on the domain. Other tested users are fine and the correct username gets returned fine on other servers (IIS5 - IIS6). This has only rece...more >>

Does anyone know of any good IIS/Security seminars? Becuase of logistics, I am having to move from Linux/Apache to Windows2003/IIS and I really don't know anything about IIS security. Thanks, James ...more >>