Hi all, Is there any way to trace the SSL handshake, or to programmatically intercept some of the results. I'm interested in determining what cipher suite was negotiated for a given connection. Similar to what you can see under IE File Properties when you have a secure connection, for exampl...more >>

Hi. I don't know if this is the right news group, but I try :-) I make a plain htm file (test.htm) with an anchor to a file <html><body> <a href="file:///c:\Temp\Test.DOC">Test</A> </body></html> (Could also be link to a file on a shared networkdrive or a share) Run this from C:\ in...more >>

Hi all, This is what I am trying to achieve. I am writing a web application to allow my users to submit their documents for faxing. I have tested it using bmp and txt file and both seems to be ok. When I try to test with excel of word document, it gives me error. From the applicaiton event ...more >>

Hi there! I've got the following VB script: Set Group=GetObject("WinNT://MyDomain/Domain Admins") Set User=GetObject("WinNT://MyDomain/SomeUser") Wscript.Echo Group.IsMember(User.ADsPath) Being placed in .vbs file and ran with wscript shell, this code works just fine and returns '-1' (whi...more >>

I am looking for information to get started using SSL certificates. What I want to accomplish is to have a web site that requires certificates and will not allow anyone to connect to that website unless the end user has the certificate, effectively blocking everyone else from acessing the sit...more >>

Hi there, We have a tomcat servlet container which runs in the context of HTTPS. We have created a self signed certificate using keytool and this is stored in the tomcat environment (this certificate has the expiration date as well). We are having a client which basically is an applet which c...more >>

Hello, NG I'm a beginner web developer, so please be patient on answering my question :-) I've IIS6 web server and some plain ASP web application. IIS server and all my clients all running within same AD domain. All cients running IE6SP1. I want to generate different html output for remote ...more >>

I'm trying to implement WEBDAV on a W2k3 server and to connect using XP pro. I've set up a website just for this purpose. I created a new A record in the DNS (docs.xyz.com) and created the website using host headers. I created a virtual directory, lets call it 'mydocs'. I gave domain user...more >>

Hi, On windows2003, IIS6 on the virtual folder, I select Anonymous authentication, than I see username= domainname\servername and pwd it blank. But when I try to get acces to that viratual folder through the web, it does'nt work and return error 401.1. When I already leave anonymous authen...more >>

Hello I've installed WSUS over our Windows 2003 DC. Until now WSUS is being unable to contact the selfupdate folder which is causing that the WSUS stop responding. The error that I'm getting is a 401 (authentication). In the WSUS log there are many entries which show that the application re...more >>

Hello, We have an ASP based web application running on IIS5.0 that relies on Integrated Windows Authentication for Authentication. This essentially means we do not have an user management of our own in the application. However, we have simple role based authorization module based on User ident...more >>

I have a network architecure/security question on a 30 server 2K3/IIS6/SQL web site. Our web servers are currently multihomed with separate physical cards and 100 or 1GB vlans for internet, sql access, and admin/updating. Netbios is turned off on the internet and db cards, and the third connec...more >>

Hi, How do you enable IIS 5.1 to write to application log in event vierwer. = I can do it in IIS 6 but could not find information on how to set it up = in IIS 5.1 Thanks Jeff...more >>

I am new to ISS, and must admit Windows security is a bit of a mystery to me also, but I'm trying to write a .NET Web Service that programatically creates new Virtual Directories as required off an existing pre-defined Virtual Directory. The service works fine when I edit the "Default Web S...more >>

Hi, How do you enable event logging in IIS 5.1 Thanks ...more >>

I am on Windows XP Pro SP2, IIS 5.1 In IIS.msc, on "Default Web Site", right-click "Properties", go to "Directory Security" tab, click "View Certificate" button: Issued To = "localhost" Friendly Name = "SoloffWeb" This properties exactly match the cert I just created using "Server Cert...more >>

Hi, I have installed URLScan on my W2k3 web server, and it appears to be loaded correctly (green up-arrow in the ISAPI filters tab), but it is not functioning at all. It is not blocking the extensions it should block, nor is it generating a log file. Any ideas why this would happen? I have...more >>

I have a web app that receives XML, parses it, runs it against a database, then sends this data back as XML. When the file is received, a corresponding text file that contains the data being received is created in a virtual directory. This configuration runs fine in IIS 5.1 on XP Pro. But ...more >>

I have a SBS 2K and I am trying to install WSUS. When access the control panel I get the following error "Server Error in '/WSUSAdmin' Application" some suggest that the lockdown tool works. I install the lockdown tool but that software doesn't allow me to configure it. It idicates it is resto...more >>

In IIS 5.1 and IIS 6.0 , do sub-webs of "Default Web Site" automatically inherit a Server Certificate established for a "Default Web Site" ? I see that my sub-webs all have the "View Certificate" button enabled , but the "Server Certficate" button disabled. I see that my "Default Web Site"...more >>

How do I stop IIS6.0 from prompting for a username and password? enable anonymous access is checked and integrated Windows authenication is also selected. Kevin ...more >>

Have an ASP.Net web application which needs to: 1) access an SQL server database (not a local server) 2) restrict access to the web application to a set of users We'd like to configure the web application to access the database using a single, specific account and an Application Pool. Easy....more >>

Hi, We are planning to use either IIS 5.0 or 6.0 for some internal use. All of our users must go through a single sign on authentication first before they can use any one of the available services. I was wondering if we use EFS to encrypt the IIS root folder, when the end users coming to our...more >>

Hi, I have a windows 2003 server (no service packs) running on Microsoft Virtual Server. I have set up a simple asp page running under iis 6.0 with integrated security. I can access the asp page through IE running on a client laptop (XP SP1), however a VB application on the same machi...more >>

Hi, Problem Description: The problem occurs when I create a new website in IIS 6.0, I disable anonymous access and enable only Windows Integrated Authentication. I place a simple html page in the directory and try to browse to it using IE 6.0 SP1. I immediately receive an error (HTTP Error ...more >>

I have a web server (2003) IIS6 Whenever a different computer connects to the web site, they get a username and password request, but "Enable anonymous access" is on for the web site. If I remove the option "Integrated Windows authentication" then the page immediately fails to load with "You a...more >>

Hi all, We encountered some problems installaing assembli.net (.dll) no a server with Windows server 2003 (SP1) + his 2004. When we try to deploy the assembly whit "TI New object wizard", we recive an error: ---------------------------------------------------------------------------- -----...more >>

I have a public web with a few restricted sub-webs, which I authenticate using basic (clear text) authentication. For most users when they try to access a restricted sub-web, they're prompted for username & password. When they supply these, they're in OK. For a few users, their prompt includes u...more >>

In IIS6, MS says the IISADMPWD virtual directory needs to run in the same virtual directory as the application that the user is trying to sign on to, so they can change their password. I have quite a few applications that users sign-on to and I really don't want to run them all in the same pool....more >>

We are currently working on a sharepoint site with Analysis services. Whenever we try to autheticate using the internal FQDN of the server with integrated authentication it works. However if we use inegrated with the Internet DNS it fails and gives Kerberos errors. If I change it to Basic a...more >>

Our site (IIS on W2K) security uses Basic Authentication with SSL. We now have a request from our parent company to allow users authenticated on their site to have access to protected areas of our site without popping up the authentication dialog again. Is there any way to do this without chan...more >>

I have a Windows 2003/IIS 6.0 application running on a machine that is a member of the domain but is not a domain controller. If a user goes to this site and fills in their unqualified user name (i.e. without a domain name), the authenticeation fails (as the IIS tries to authenticate agains...more >>

Hello, I am running IIS5 and have restricted access to a folder that is on our web site. I am trying to set this up so that when someone tries to view a page that is in a folder they do not have access to they get a you are not authorized to view this page...instead they are prompted for use...more >>

Hi all, Is it possible to setup secure FTP in IIS 6? Ideally using SSL? If so, how can I do it? I dont see any options in the IIS control panel for the ftp site. TIA ...more >>

Hello there, I am a newbie to IIS but I need to host a forum on my own server for various reasons. I am wondering how secure is IIS, it will be on win Server 2003 and behind a simple Netgear Router firewall, that is it. Will I need to purchase a proper firewall or some extra software, or d...more >>

Hi, I'd like to upload files within a asp.NET web-application through Microsoft IIS 6.0 to a SAMBA network share, which requires an authentication. The SAMBA Server is not a member of a domain. The Windows 2003 Server either not. Both are dedicated Server. The Webser has two NIC. One is con...more >>

I am using IIS 5.0 on Windows 2000. I have set up a web site and it has been working fine. To access web-site o uses a URL like: https://pqms1.xyz.com Some of users do not have DNS, so they are using ip address instead of server name, https://10.4.3.106 However when IP adrress is used, ...more >>

running win2kpro with iis for my personal web site. my good router with hardware firewall is broke, so i went back to an older one that doesn't have a firewall. so i put on an old zonealarm (2.6 i think) and everything was fine with iis. but i was having trouble accessing the drive shares f...more >>

I just rebuilt my win2k3 pc and in rebuilding my web sites I can't get nt authenticaiton to work for any web app on any web site: all worked correctly before the rebuild. Here are some of the details of how my pc is set up and the problem: - My pc is win2k3 sp1 - I am a administrator on m...more >>

Hello, I am the win2K server admin and one of our groups wants to administer a very dynamic new website where they will be constantly be putting up quick pages for different clients to see. I have gone into IIS and properties of the website and have added an AD test user to the Operators ta...more >>

I have a website with a SSL certificate and have a need for anyone who browses to the website with http to be redirected to https. I created a custom 403.4.htm page. and tested it. My problem is that I constantly get error page 403.htm and cannot see this in the MMC for IIS on the custom err...more >>

Hi, We have a Windows 2000 Server running IIS 5 and we are having problems with integrated windows authentication but only with some clients. For testing purposes I have been using WFetch on the server itself and we are getting HTTP 401.1: Unauthorized Login Failed. The application we a...more >>

We have been using IIS5 for years and are familiar with its operation. We had to build a new server for internal use however and it has Win2003 and IIS6 installed. We copied our old site to the new server, changed the home directory on the default website in IIS to where we copied our files ...more >>

Hi, I've created a Server Cerificate for My Windows 2000 server. Now i want to create the Client certificate for the clients connected to this server. I tried several methods. Can anyone help in creating the Client certificates . I've created the certificate in IIS->webserverName->rightClick p...more >>

We have an f5 ssl offloader that is used in front of IIS 6.0. A https request comes to the SSL offloader and is forwarded over http to a webserver with the JRun plugin.The problem occurs if the original request is redirected by a IIS/JRun application. The redirected request becomes an http ...more >>

Probably simple question but: I need to have a logon and password scree popup when a couple particular files are accessed on a website. I a using Server 2000 and IIS 5. Here is the site and an example of how it should work, click on "clien 1": http://www.hohneng.com/clientdata/clientdata.htm ...more >>

I'm about to migrate a Verisign certificate from our existing Ex2k OWA server to a new Ex2k3 OWA server. My question is this: Does the server name need to stay the same for the cert to be valid? Verisign says: "VeriSign Server IDs can only be used on Web servers using the Common Name spec...more >>

ENVIRONMENT: IIS 6.0 Integrated Windows Authenication Users have permission to website Project Server 2003 Sp 1 MS Project 2003 Client ERROR: 401.1 - Unauthorized: Access is denied due to invalid credentials. BEHAVIOR: When we try to publish a project to the project server we get the ...more >>

Hi, I am using IIS 6.0 resource kit "Wfetch" utility to check my IIS 6.0 web server for HTTP TRACE verb. If I send a TRACE verb to my web site, I recieve: HTTP/1.1 Error 501 - Not Implemented which based on KB247643 is an indication of TRACE verb being disabled on my site, a good sign for...more >>

I have SSL configured and working on a Windows 2003 server with IIS 6.0. I can view my website with the https:/ but when you type my domain www.mydomain.com it gives me the HTTP Error 403.4 - Forbidden: SSL is required to view this resource. How do I get mywebsite to automaticly redirect to ...more >>