Happy New Year! I am experiencing the following strange problem with a server at work that is hosting an asp.net application (windows 2k server, all latest updates, etc.). The app virtual directory is set to Windows Integrated Authentication. Some pages in the app use an infragistics we...more >>

We are setting up a new Windows Server 2003 machine to be used to host our websites and e-mail service. In setting it up, PRIOR to installing IIS 6, we had Internet access working. AFTER installing IIS, Internet access no longer worked - cannot even go to online to microsoft.com. Uninstalling ...more >>

When I attempt to run SYNCWAM.VBS to syncronizwe IWAM account passwords I get the error code 80110414. I have manually set the IWAM_Machine password in AD and set the password in the metbase using ADSUTIL.VBS. I even put the IWAM account in the administrators group prior to run SYNCWAM.VBS. ...more >>

I am pulling out my hair (which is hard because I shave my head!). I am relatively new to AD and IIS....still trying to learn. I have several texts on the subjects but can't seem to get the answer I need. My first server on my home network was a W2K server. I use DSL with a static IP as an...more >>

running w2k3 with latest urlscan update. this is new server and new experience for me also. got 3 sites running with host headers, one site includes a web service that is only lightly used right now, mostly by me and a couple friends just for testing. the question is, i am seeing lots of ...more >>

Yes, Creating. I have a working site, which requires Basic Autentication against the Active Directory of a Win 2003 Server/Domain. There are several "sub-webs", all also requireing the same authentication. Everything there is working just fine. Code is all VB using VS 2003. The problem ...more >>

server 2003 running iis, got 3 web sites running. one of them i am using for developing a web service which i thought was having security issues... so i was trying changing that site's security settings. i changed the authorization method a couple times, including changing the anonymous ac...more >>

I've totally screwed up my IIS security such that I can no longer see the basic Help disply at localhost. Is there a way to reset security? or what are the settings that are the original? Thanks Frank yeah I know I'm stupid...more >>

One of our IIS sever has two sites which are looked a same directory. I mean c:\data\test folder has two sites One of the sites name is pro.test.com and the other one is pro1.test.com. They are clone and all settings are the same. The site anonymous user also same. But some codes doesn't work...more >>

Hi All I am facing one problem while accessing the website created in my local system(Logged in a domain) In IIS I enabled windows authentication for the site. 1) If I try to access the site like http://IP address/ .. then the windows login pop up is coming 2) if I try...more >>

Hi, I am using IIS (5) as a gateway to a servlet container (I have a CGI & ISAPI version of a gateway for this communication). I am trying to implement NTLM authentication in the serlvet container but when my servlet returns a 401 header I always get a 'Connection: close' header added to th...more >>

Does anybody know more information in regards to this vulnerability disclaimed by Inge Henriksen? "I have found that by doing a malformed anonymous HTTP request one can remotely crash the IIS service process, inetinfo.exe, using just a simple tool like a web browser." More details on the vu...more >>

Developing .NET application to acccess web services. In IIS, if Integrated Windows Authentication is turned on, I get a 401: Access Denied error. However, if I turn off Integrated Windows Authentication and turn on Basic Authentication I am able to authenticate the user with no problem. I...more >>

I have moved a website from IIS 5 to IIS 6. I have an asp page which refers to a dll file which executes an application which creates a thumbnail of an image which is uploaded to the SQL database and accessed by the asp pages. The asp now gives me a 401 error message on the file being acce...more >>

I see a few posts but not eneogh to help me. I want to setup a password change utility for my SharePoint 2003 external clients by providing a link on there site. Is IISPWD supported in WIN2K3 and IIS6? If so where do I find IISPWD (can't find it in the IIS 6 resource kit) How do I deploy i...more >>

After a recent security scan it was found that I have three IIS 6.0 servers that need to have there banner information hidden. I know URLSCAN can do this but I can't find exact information on how to do this. All I want to do is hide the banners I don't want any additional features turned on ...more >>

We have a case where users who are encouraged to have good passwords with norwegian characters and other special characters cannot login to a ASP.NET 1.0 app. This problem is discussed in the following article from MSKB: http://www.kbalertz.com/kb_835388.aspx Do you know if this problem i...more >>

I have a user that is logging in to Exchange 2003 Webmail and trying to change his password from there, but he gets error -2147024891 every time he tries; I have duplicated this several times from my desk. We require complex passwords. Is there something I'm missing here to try to get him to...more >>

I have been asked to integrate RSA authentication to a web application that runs on IIS 5/6 - this is normally done by an ISAPI filter - which is normally straightforward. However there is a particular requirement that only users "external to their LAN" (i.e. connecting via their DMZ) have to ...more >>

Hi, I am configuring a virtual directory pointing to a UNC within the same domain as the IIS server (Win 2003 server). The authentication setting is set to Network Credentials of Users. The rest all like Anonymous access, etc. are unchecked. ACLs are set up in the file server (UNC) thereby co...more >>

I have a webserver running IIS 6.0. All the sites are stored on a network share. Can I change the permissions on the Inetpub folder to only allow admin access? What NTFS permissions do i need to set on the mailroot folder so that sites can send mail to the queue through cdonts? Thanx ...more >>

We are in the process of upgrading all of our web servers to Windows 2003 and IIS 6.0. I am having a problem getting error messages written to the servers Event Log Viewer from our ASP applications. To log the errors in ASP to the Event Viewer we created a VB6 DLL that has a method exposed...more >>

programmatic to ftp virtual directories when i connect to an ftp server and i only have access to a few of the ftp virtual directories, do i just change directory to them after connecting and having credentials authorized? is there some special protocol for changing directories to authorized v...more >>

When trying to open almost any media in Internet Explorer: "The file you are downloading cannot be opened by the default program. It is either corrupted or it has an incorrect file type. As a security precaution, it is recommended that you cancel the download." That's obviously a lie, sinc...more >>

It seems I am unable to export the private key of a server certificate to either DER and Base 64 since the options to choose are greyed out. The only choice is the PFX format which is not feasable. How do I get these options to be available. ...more >>

Hello All, I have developed an application allows a user to FTP files to a remote server with the push of a button. Sometimes the users that use the application to update the websites forget to do so after changing something in our database, I developed a windows application that performs...more >>

We have a couple of webservers running Windows 2000 and 2003 servers with IIS srving large volume of file content. Can anybody recommend suitable Antivirus software for these servers. The parameters I am primariliy focusing are 1) Speed 2) Effectiveness (Regular updates, reliability)...more >>

The scenario is : I have installed SPPS (SharePoint) on IIS6 (on win 2k3 machine). And I have installed my ISAPI filter for SPPS on IIS. This ISAPI filter requires Anonymous Authentication to be turned on and it deploys basic over ldap and form over ldap authentication schemes. I have also co...more >>

Hi all: I want to stop a current download from IIS (web) by the SERVER SIDE. Try the following to recreate the problem (I use Windows 2003 Server, IIS 6): 1. Create a virtual directory with a folder with heavy files (I have files >1Gb but for the test, but you only need a file that don't f...more >>

Hello. My coworkers and I have been tracking down some very particular security issues with IIS 5.1 on Windows XP (SP2). I have an ASP.NET (.NET 1.1) application that requires Integrated Windows Authentication which loads up various images (jpeg, gif) (preloading with JavaScript), various J...more >>

I have developed an application that uses port number 5002 The server app tested on windows Xp on Server 2003 SP1 the App is not reachable even when I disable the minimal firewall from "Routing and Remote Access" How to configure the server ? any tutorial ? The server is configured a...more >>

Hi,To all I am beginner in configuration Cert in IIS , I need guide me a good document for installing step by step config for impelementation Https for my site? Thanks inadvance. ...more >>

Our server is Windows 2003 Enterprise Editon. Running IIS 6. Teacher is using Frontpage 2000. I am using Frontpage 2003. I have reset permissions and removed permissions for editing this webpage from the teacher's school computer. Sometimes she can login but once she tries to save, an err...more >>

On a Win2003 server with SP1, we cannot run IIS 6.0 using an account other than the Local System account. On a Win2000 server with SP4 we can run IIS 5.0 using an account other than LocalSystem, however of trying to access the web pages we get 'A required privilege is not held by the client' e...more >>

IS there is a way to prevent GET data posted to a server from logging to the web server logs? I have sensative information being sent that I would not like logged for a GET (I would still like to log POST though). Is there a configuration setting in IIS for this?...more >>

I am using IIS to test some software (mainly YaBB and other free forum software) however YaBB is complaining that it can not write to its files in the cgi-bin directory. I looked at the file permissions in the MMC snapin and it is reporting that Script write access, Read Access, Write Access, ...more >>

I have installed ISAPI filter on IIS6.0 for SPPS running on the same machine. The filter I have installed is on the "web sites". Now when I access the SPPS main page, I get ISAPI filter authentication prompt and I am able to login successfully. SPPS is installed on default web site and I have en...more >>

Quick background: We have 2 web servers...a primary and secondary. Their data is synchronized through a 3rd party software and if we have one fail or need to switch over we just change the IP address of one or the other and go on our merry way. Yesterday we had a problem and had to rebuild ...more >>

Is anyone know how to force IIS6+urlscan 2.5 to read different configuration files for different sites? Many technical documents from MS describes such configuration (one IIS, different urlscans on different sites), but that problem still exist. Please... help... .. ...more >>

i will be setting up a new w2003 server shortly. it will be an external web server and also an internal lan file and print server for a simple workgroup. the router only does nat, no firewall. i plan on using the windows firewall and ipsec policies to restrict outside access to only port ...more >>

I created a .NET DLL which calls functions in a native DLL which again accesses the Windows registry. Everything works fine when the .NET DLL is used in a stand-alone application. When the .NET DLL is however used in a ASP.NET application access to the registry doesn't seem to be permitted. Th...more >>

Hi I'm working with in a single station with IIS 5.1 and interdev and I created an asp page successfully in a virtual directory which I had created throught IIS. and I can view it in IE6 well. How can other clients in my office visit my page throught our LAN? My computer name: Client11...more >>

Currently have an IIS 6.0 server running an application that is using a Verisign certificate. We are in the process of building a new version of the application which will be tested out on a different IIS 6.0 test server. Is there a way I can use the current production certificate on this...more >>

I have a member server that i would like to turn Anonymous access off. But when i do that and enable authenicate digest it requires my domain user to place the domain\username in the logon box. How can a avoid this?...more >>

Good morning - I am researching an issue that has become a problem on an Intranet that I have worked on. Here is the background information - IIS 6.0 running on a Windows 2003 Server in a ASP.NET environment Local users log in using their login ID that is attached to a Win2000 Server...more >>

I'm not sure if I'm posting this in the right place, but here goes.... I've recently built a website application using asp with both server and client side javascript (jscript). Most of the files reside in a subdirectory of the website root directory. I have an index page that does a redirect...more >>

I have developed several web applications using web services in desktop applictions, and ASP.NET in a web browser. Both types of applications use integrated authentication and are performing well under Win2K. I am in the process of moving from Win2K to WinXP. Testing of the browser applic...more >>

Is there a script or tool that will reset IIS 6.0's permissions back to their initial state (i.e. exactly after install)? I have a server that has been toyed with by too many developers, and I need to get it back to it's initial state before attempt to debug any more issues with it....more >>

Hi All, I have a website setup which also provide ability to download latest version of our Software by logging into the webpage. All latest softwares (ONLY ONE FILE .EXE for each Software) are located in the "/Download" folder of my website. Customer will login to website and the ASP page dec...more >>

I need to authenticate against active directory and log a user on to Sharepoint. In order to reduce SSL load and support edge server caching we are using a persistant shared SSL connection. My code will be searching active directory using the distinguished name from the origional user ce...more >>