I am trying to set up 2 way ssl with iis 6. I install the server cert, turn on ssl and click "require a client certificate." Well, when I hit a web site on the server from a browser, the server pushes it's cert to the client, but does not ask the client to send one. The "Choose a digital ce...more >>

I have a question about IIS securty. If you disable anonymous access and choose only integrated windows authentication, should you be prompted for a username and password when accessing that site from a domain computer running IIS? Or should IIS pass the credentials of the currently logged on ...more >>

Hello, I am quite new to IIS and I could use some assistance. I am running IIS on Windows 2003 Server (Enterprise). Here is what I would like to accomplish: 1. A single public IP address and point to different web servers. 2. Encryption / security (I know point one does not support SSL) ...more >>

Hi there! I am testing Smartcard-Authentication with our Webapplication on IIS 5.0 and IIS 6.0 and found the following different behaviour: with IIS 5.0 the Smartcard PIN is asked several times on each Page, while with IIS 6.0 the PIN is asked only once. IIS 6.0 seems to cache the PIN or ra...more >>

We have an IIS Webserver running on Windows 2000 as part of our domain. Its netbios/dns name is webserver nad I can connect through a browser to this address and authenticate using Kerberos OK. However I have set up an dns alias intranet.theforwardgroup.com to point to this server but it fails t...more >>

Hi, We are currently switching from NTLM to kerberos on a large portal installation which uses the IIS for SSO purposes. This is a clustered solution so we've set a domain users as the owner of the IIS app pool and configured the SPN so it can issue tickets on the cluster address. We've verif...more >>

I have an XP Pro client with a user logging on who is in the Domain Admins group. There is only one DC, server01 in tailspintoys.com. The DC is also a certificate server and Exchange server for coursework. When I try to get a certificate at http://server01/certsrv my authentication fails using...more >>

We have Windows 2003 server running IIS 6.0. Have an application that creates ASPX session variables based on values found in ASP session cookie. Works great if anyonymous is allowed. Once Basic or Digest Auth is required, we get 401 errors. We've even included a default user account ...more >>

Hello, I need to change the admin password on our IIS server. When I change the password my website goes down. When I put it back to its orginal password everything comes back online. Any ideas why this happens??? -- Ever Learning Net Admin...more >>

Does anyone have suggestions on best practices for security, and optimization for IIS 6.0...more >>

Have recently migrated my server from W2K to a W2K3 platform, and everything is functional on my site but I have one minor issue that I would like some help with. I'm running a W2K AD domain with my W2K3 server as a member server. Client computers are either WinXP or W2K Systems, fully pat...more >>

I upgraded from server 2000 to standard 2003. I can get all of my Intranet to work with exception to web forms. The users are asked to submit a user name and password to complete. In the past they have never been asked to do this. Also the only user name and password the site will take is ...more >>

Hello, After changing usernames on our Active Directoy network, old credentials are still being passed to our asp.net pages. A server reboot fixes the issue but, as you can imagine, this is unacceptable. Any help would be great. Thanks...more >>

Hi, I'm running IIS 5.0. I have a virtual directory that resides on another server. The folder that the virtual directory connects to has Share permissions of Everyone "Change" and NTFS perms of 4 groups: Admins- Full Control Group1- Modify Group2- Deny (Full Control) ConnectAsSVCAC...more >>

Hi -- We have two servers in our office running Active Directory. One is a Windows / Exchange 2003 server and the other is a Windows 2000 box. My client PCs are all running XP Pro, SP2 and log in to the domain controller. I have set up our corporate intranet on the Windows 2000 machine. I ...more >>

Hi all We have a terrible situation now. We have 3 new web servers (IIS6.0) in the same domain, each hosting a different web site, e.g. http://companyintranet, http://hrapp and http://payrollweb . In the LAN environment, the users have not problem logging into the different sites silently...more >>