I have five users on my w2k3 server and they are setup to view a specific
directory accessible via my website in IIS6. Last weekend my users started
to fail their logins. I looked at the user setup and all of them had their
properties changed to need to change password on next login. When I setup
those users, I specifically set them up with password never expires. Is
there something that was automatically run on my server without me knowing
that flipped all those settings on me? Or it is possible my machine was
hacked into?

On Thu, 17 Mar 2005 10:37:20 -0500, "Flip"
[quoted text, click to view]

This isn't a function of IIS security settings, so you may want to ask
in a server group. No, there's nothing that changes your settings,
that would pretty much end the sale of Microsoft products. It's
possible your machine was hacked, or it's possible you changed them.

Thank you Jeff for the response, I was starting to think this we going to go
unanswered.

[quoted text, click to view]
I did, and unfortunately, haven't heard back anything yet. :< Hence this
request. Thanks for your time.

[quoted text, click to view]
That's what I was thinking too, it would pretty dumb if they did that. :<

[quoted text, click to view]
Yikes. :< That was my fear. :< I just came from linux where I don't
believe I was ever hacked into, and now this. :< I'll have to dig some more
before I make that concrete decision. It is possible I changed them, but
not explicitly, I hadn't been on that box in about a month. :< The server
just hums along. :>