I have two Windows Server 2003 machines running IIS. Both use anonymous login, both use the default anonymous user accounts, both are Domain Controllers. The problem is that one allows anonymous login without issue, while the other prompts for a user name and password. If you type in iusr_com...more >>

Hi, Is there a IIS 6.0 lock down tool for Windows 2003 Server? If there is, where would it be located. Thanks. Mitch...more >>

Hi there, Is it possilbe to redirect error pages (401, 404, etc), to a custom page using ASP/VBScript. I'd rather not use the custom errors tab in IIS as we have more than one web site running on the IIS server. Thanks very much/......more >>

Hi, I want to run ISAPI application in medium(pooled) or High(Isolated) level of application protection in IIS 5.0. When i run it in low level it runs without any problem. But when i run it in medium or high level only alternate requests will be served properly. For every other alternate...more >>

Hi, I have discovered an odd problem when using window.open from an IE window which was opened with ShowModalDialog. You would expect the new window to inherit the cookies from the same IE session which created the modal window, but in some cases that doesn't happen. It may get the coooki...more >>

Hi! I have found a problem with non standard url it`s: http://server/doc_name.asp?param=value <- it works fine but http://server/doc_namse.asp/param/value <- IIS looks for such a server/doc_namse.asp/param/value document and it doesn`t find it. How to make IIS to execute d...more >>

I am getting ready to upgrade our domain from Windows 2000 to Windows 2003. I have a web server that is running Windows 2000 and is currently a DC which will not be upgraded. The Windows 2000 web server hosts our Intranet site and uses Integrated Windows Authentication to validate users. I p...more >>

Why is prompting for ID/PW random? Server: Windows 2000, SP4, IIS 5.0, teamshare and SQL 2000. sub-site (Default web/cr) has Basic Authentication Checked, only. NTFS security for /cr folder allows Authenticated Users, Administrators, System and denys Anonymous Most of the time a user i...more >>

Hello: I am bringing a new IIS 6.0 server online with Windows 2003 and SP1. SP1 has the new Windows Firewall in it. After the server came online I tried to access one of its sites. I couldn't access the site and then noticed the Windows Firewall was turned on. After turning it off every...more >>

I am probably going to misquote the microsoft rep I talked to (it was months ago), but here it goes: "In (mass vhost/webhosting/isp) type scenarios you should segregate all web applications that need high security by configuring custom App Pool Identities for each. There is a 'return self' fu...more >>

Hi there, This is a carry on from my Sessions/Cookies post... This is the setup I have: IIS running on W2K3 - IISSERVER Exchange 2003 - MAILSERVER I have an internal web site running on the IIS server which requires users to authenticate with their AD username/password. On this websit...more >>

how do you allow .cfg and .ini files in a web directory . .IIS 6 gives a 404 error . but you can change the extension and access them . .it is NOT a path problem . it appears as some sort of security measure. Can someone please tell me how to allow these so I can get things working like they d...more >>

Hi, I have an IIS 6 on Win2003 registered on a domain. I'm running the following applications on this machine, - an ASP.NET Web App - Reporting Services Interface - Reporting Services Server All of the applications above use Windows Integrated Security. The ASP.NET application work...more >>

I am having problems serving a file through http called myFile.vb_ I want to launch the file, but make it unknown to the browser. But it has to be known as a vb script file, because it launch some local file access functionality. Weird, I know. Does anyone know how to teach IIS 6.0 to exe...more >>

Hi there, I have an internal web site running in a Windows Server 2003 Active Directory domain. I've set it to NOT allow annonymous access so that users are requested for their username/password when they access it. I've also got a logoff button on the website which I want to do exactly th...more >>

I'm having a problem with IIS 6.0. I'm trying to restrict certain directories on our web server to certain domain users and it's not working properly. I'm using Basic Auth with anonymous access disabled. For example: I have a directory called "admin" and I've set the NTFS permissions on...more >>

Hi, I just setup an IIS 6 server on one of the member server in my AD domain and created a virtual directory. I would like to be able to use webfolder and IE to access this virtual directory However, I can't seem to get the authentication working properly. The only way I can get access...more >>

I have an IIS 6.0 web server set up using Integrated auth. When clients who are part of the domain go to the site, SOME of them get this result: When they first hit the web page, they get a page cannot be found error and if they hit refresh, it works EVERY time. I have used AUTHDAIG to get...more >>

With "passport" enabled on the IIS server, is it possible to limit to a specific set of passport users only instead of the whole community? Is it possible with just ISAPI extensions? ...more >>