I understand the use of public/private keys for encrypting. Could someone explain to me how a second public/private key pair is used for signing? Thanks. ...more >>

I'm going in circles trying to figure this out without any luck. I disabled anonomous access and am using basic authentication (integrated unchecked as well). I have created a local user on the IIS 6.0 server and assigned this user NTFS permissions to directories in question. From the out...more >>

I have a site that has to use basic authentication because of the MS proxy server the clients are behind. Anyhow, whenever a sub site is created the authentication is changed to use Windows Authentication & Basic. Any idea how to stop this? ...more >>

Hi, I have a problem with the asp file <% dim objWebDav set objWebDav = CreateObject("WebDavRedirect.Redirect") objWebDav.Redirigi "http://testdevserver02.gmserv.com/prova.asp" set objWebDav = Nothing %> The error message is Microsoft VBScript runtime error '800a0046' Permission den...more >>

Hi all, my company has several servers acting as web servers hosted at an ISP and one of them was compromised by some warez bunnies. All the server have the latest patches and anti virus software running, but no firewall... Several files appeared in a folder off one of the webs, being ki...more >>

am using client certificates to provide access to a web site. Once a user is logged in - how do they log out? Also how do I force the site to force the presentation of the certificate again - say on session timeout etc etc? ie a forced log out. Thanks Shaun Wilde ...more >>

Hi there. I've been working on a web page that allows you to search one of our indexes. This index is setup and is running on a folder. If I query the index from inside of "Computer Management" on our live machine I get results. If I use my asp script to do it on our live machine, I get no resul...more >>

I need to set the "log on as a batch job" security policy for an application that uses IIS. I find that after each re-boot, my local setting are wiped out and reset, even if I log on to a non-networked, local account. So even though I am not on a network, there is some domain or group setting ...more >>

Hi all, I've seen a few instances of issues like the following in this group and tried numerous suggested fixes, but can't seem to get beyond the problem, so any suggestions would be appreciated. ISSUE: Our ASP.NET application connects to a COM service. This works fine (either with IIS 5 or...more >>

Hello! We are having a strange IIS 5.0 problem involving client certificates. The situation is this: We have a system with a central server running Win2K and IIS 5.0, with the web site secured using client certificates and a CTL. Remote Linux-based embedded devices running OpenSSL and ...more >>

HI All; I am using utility "Metaacl" from microsoft to modify the permissions on the iismetabase path. When I give Metaacl.vbs "IIS://LOCALHOST/W3SVC/3/ROOT" domain\testpo07 R it gives error 438. I am trying this on win200 server with iis 5.0. Any idea or anyone help why this occurs? ...more >>

How to derive a public key certificate from a private key certificate ? I am in Microsoft Management Console with the Certificates plug-in. ...more >>

I have just installed IIS 6.0 W2k3. When you attempted to open the web site it is prompting for a password. I do not know what I am missing. I checked http://support.microsoft.com/kb/185874/ and http://support.microsoft.com/?id=258063 documents. I did not set a password for the IUSR_serv...more >>

hi, I have a simple question. I am using vbscript on a site to get users to upload pictures to my site view them on the site. my vbscript basically checks the extension of the file and if the file is either jpg, jpeg or gif it allows the upload. my question is, is it possible for someone to ...more >>

My VB.Net page (running on IIS) needs to access the file system on another Windows server in the AD. Me.User shows my userID and that I am authenticated but when I call a directory on the file server the log shows an attempt at anonymous login and the error message is "Access to path ... is ...more >>

What is HTTP compression and does it work I was thinking of enabling this on my iis6 server but wasn't sure what it would do. Please help or provided info sources for to me have a better understanding. I have also found some 3rd party tool http://port80software.com/products/httpzip/ bu...more >>

We have run a .NET app on a test and prod server for months. We are running IIS 5 on Windows 2000 and are fully patched with current versions of ADO. In order to browse the application we only use the server name in the URL. For example: http://MyServer/MyApp/default.aspx . We are not prompt...more >>

I am familiar [but not an expert] with administrating NTFS rights with the SECURITY tab, and creating users. I have multiple FTP sites running on multiple IP addresses using IIS 5 under Win 2000 with SP4. I can create a user, give him rights to his FTP site via the SECURITY tab, and he can ...more >>

Hi, I have an IIS 6 application on Windows 2003 SP1 configured to use integrated authentication. It runs in an application pool that is configured with a specific user name and password. If I connect to the web site using IE 6 hosted on a machine running NT 4 everything works fine. When ...more >>

Hi All, I have a server 2003 and running well with integrated IIS 6. I have a problem when anonymous user can go to IIS web page but cannot access file. The error was HTTP and 404. I realise that this error only occur when the PC was not login to domain. Is there a way to allow those mobile u...more >>

I am trying to dig up any documented issues where having IIS sites set for anonymous access causes the webs or server to be more vulnerable to attack. From what I can tell, if an attacker penetrated your firewall and got in, all he wouldbe able to do (for themost part) is browse anonymous sit...more >>

We are in the process of migrating an intranet web server from a Windows 2000 box to a Windows 2003 box. In migrating OSs and from IIS 5 to IIS 6, we've noticed a significant difference in how Windows integrated security works with our ASP.Net web pages. For our web sites where directory se...more >>

This was cross-posted to inetserver.iss. Sorry, but I HAVE to get an answer to this problem! I have a simple ASP stript that writes a cookie. I have set IE to "No Cookies - Prompt". I run the script from a site and I get the prompt. This works O.K; i.e., as expected. THEN, I run EXACTLY...more >>