We have a machine running Windows 2003 Server, IIS 6, and Windows SharePoint Services. The machine resides in our DMZ (outside the firewall), and is on a separate domain that has a one-way trust relationship with our intranet domain (separate forest; the extranet domain trusts accounts from our ...more >>

Hi. I'm running Win XP Pro Sp2. After running the iis lockdown tool, my administrator account got changed so that this account is a member of the Web Anonymous Users. After rebooting, when I try logging in, I'm immediately logged out. Removing the Web Anonymous Users fixes things. Can someone...more >>

Howdy, One of our machines that was running a secure website went dead. So we ended up building a new machine with the same name. I am wondering if there is a way to get the old certificate to work on this new system. I do have the old certificate request file (.cer) as well as the respons...more >>

We are running applications via distributed assemblies on our intranet site. This requires a stub executable to load the assembly. After running the IIS Lockdown tool 2.1 on IIS 5.0, Win2k server (SP4 with all the latest updates and patches from MS) the executables will no longer run. We get a...more >>

I just did a pen test and I found out that my owa server has a flaw. The flaw is with IIS 5.0 I am being to to delete the following files aexp*.htr. My question is this. By deleting these files will I affect my OWA server? Thank You...more >>

I am wondering whether it is a good idea and necessary setup URLScan & iiscantool on my new Win2003+EXch2003 OWA box ? Also, I was told that I could run the URLScan on the ISA 2004 box and that should protect my FE 2003 servers. Please confirm which version of URLScan and iiscantool I should...more >>

Hi, Client Authentication Process during SSL Handshake involved the use of a digital signature (see http://support.microsoft.com/default.aspx?scid=kb;EN-US;q257586) Is there a way to get and store the digital signature somewhere ? I would like to log the Client Authentication in order to pr...more >>

Hi, does anybody know a ressource where the iis6 authentication process is displayed ? i have a web application that runs with "Local Service" identity in the default app. pool. when i switch to "Network Service" identity the application did not work. I want to understand why and where ...more >>

Is it ok to setup IIS6 on the same box that have Exchange what impact that will have on security I already have a wtchguard Firwall. Thank You ...more >>

Is it possible to customize the screen users see when prompted to enter a un/pw when trying to enter a restricted web directory? We want it to say more than 'connecting to www.mydomain.com'...more >>

Hello, We have a number of intranet sites running on a Win2k IIS5 machine, and we use Integrated authentication to identify users. When logging into one of these sites from a Win2k client, users are presented with a username, password and domain box. They enter their username and password a...more >>

Hi at all! I've a little problem. I've a web site with storage on a shared folder on a NAS. The folder is shared to user's domain (Domain\IUSR_WEB). The web site is configured to connect to the folder with (Domain\IURS_WEB). The user is used for anonymous access too. all work propertly, but i ...more >>

When using NTLM or Kerberos is there a way to disable the save password button that isn't client side, maybe by editing the IIS metabase or something to that effect? We have a secure app with SSL that we provide access to externally, I don't want users using a Kiosk computer or something and ...more >>

I issued Certificate using WebServer Certificate Template. I installed it at Directory Security, Secure Communications, Server Certificate... and secure site is functional. However after restarting Windows my certificate always got replaced by another certificate. Site also works but it prompt...more >>

Last night I was playing with a webpage in ASPX to modify a guestbook.xml file. I had a few problems with gaining the right security access on the file. In the end I had to give modify/write privileges to Users. That struck me as odd as the IUSR_machinename and the ASPNET user changes did ...more >>

Hi, NTLM authentication just will not work at all on my server 2003 box. Basic works fine. I've even tried giving everyone full control on the files. Nothing. Even with a flat HTML site it still won't work. The server is on a domain. No other machines on the domain appear to be exhibit...more >>

Hi, I am trying to automate the installation of URLSCAN and am using the following command: SETUP.EXE /Q Unfortunately I still get a dialog box saying that the installation was successful and I have to click on OK. Any way to make the install completely silent ? Thanks ! Tim ...more >>

I am in the process of installing urlscan 2.5 on a IIS4 (NT4 SP6a) Server running Frontpage98. As per the installation notes, i am unable to move the urlscan below the fpexedll.dll within the ISAPI filter dialogue. The fpexedll.dll has a "low" priority and urlscan has a "high" priority. I cann...more >>

Can Somone mimick another one's Yahoo ID ? Someone posted in a newsgroup Using My Own Yahoo ID in a Yahoo group that I'm a co-moderator of. They made the post to look like I were syaing that my password was found by someone!! My password is a good one (combination of letters and n...more >>

Should dev and test environment in completely different network? thanks ...more >>

what difference between Integrated Windows Authentication in IIS configuration and Active Directory authentication? thanks ...more >>

Hi So here's my situation. I've got IIS v5.0.2195 running on the same box as my SQL Server which hosts ASP and ASP.NET applications For authentication, i have 'allow anonymous' unchecked and 'Integrated Windows Authentication' checked. I'm also placing users into a domain group which subseq...more >>

I have a questions regarding SSL and joining to the domain. We have a webserver (W2K3 Standard) that is using SSL for secure communications. Right now, that server is in its own workgroup (not domain) and we would like to have it a member server with our W2K3 Standard. Will there be any pro...more >>

Hi, I have a windows 2000 server with IIS installed in a windows 2003 domain. I need to change the IUSR anonimous account from local to domain account. I create the user, used the adsutil set ... I set the User right on the local security policy, but when I access the site I have an Internal se...more >>

Hi all, Question. We are building a new intranet for the company. Management wants people to be required to login when they hit the website from either internal or at home (intranet.company.com etc..) For security reasons, the IIS box is a standalone system in the DMZ with no reference...more >>

I would like to create an intanet that everybody can access with userid and password and specific ip ranges should be able to acess without entering userid and password. How can I configure IIS6 to do that? thanks for help ...more >>

Hi, I've just installed IISlockdown 2.1 on and IIS 5.0 web server running on top of W2K + SP4. I had a couple of ASP pages from where I send e-mail (both internal and to the Internet). Since I installed IISLockdown I started getting a "permission denied" error message whenever an e-m...more >>

Hello, I posted this in the .NET group, but no one seemed to have an answer. I wrote a web app that prompts for the user name and password, then redirects the user to the correct page depending on the group they belong to. The problem arrises when the user is redirected to the new asp page. ...more >>

I am preparing to migrtate my Server 2003 Enterprise Edition to new = hardware and will likely reinstall. I am currently running IIS 6.0 and = SQL Server on my Domain Controller, which is not recommended according = to the MBSA. However, I am not currently fowarding ANY ports from my = router ...more >>

i hope i can find some help here. i habe to set up an SSL connection for my SBS2000 using OWA but also securing some maintainance-directories on my website. so the thing to do is set up an SSL-connection, there is no need of an third-party-official approved certificate. to use the SSL i do ...more >>