During a recent security scan of our IIS 6 box, it was shown that the II Version, 6 in this case, and the Internal IP address of the box were being shown externally. Why would this be and how can I fix this. The box is natted behind a firewall....more >>

Hi, I recently built a new webserver to replace an existing server. I copied the data to the new server and rebuilt all of the IIS directories by hand. I replaced the broken SID of the old IUSR account on all of the folders with the new IUSR account from the new server. Now when I try...more >>

Greetings, We are running IIS 5, and have run the lockdown tool (2.1) using the FPEx template. We have noticed that anyone that opens the website inside Frontpage can edit the contents of all websites on this server without being prompted for a password. We hope this is a simple misconfigu...more >>

Ok to explain my scenario here is my goal I have an intranet site that is available internally as well as externally. Currently it is just html files on the intranet (that change may come later which will make it easy to secure via an application, unfortunately right now that is not an opt...more >>

I have a website that contains a virtual directory mapped to a UNC using a domain account under "Connect As." Users are normally able to browse the virtual directory without incident. The site exist on an NLB cluster. Occasionally, one or two of the servers will forget the "Connect As" Passw...more >>

Hi all, We have two domains in here and are currently migrating users from Domain A to Domain B. We have a trust relationship setup between the two and are using Windows Integrated Security for Authentication. My IIS Server is in Domain A. I can connect to the webserver using User X ...more >>

I've gone through the steps of redirecting HTTP requests to HTTPS for OWA as outlined in KB-839357. I've checked, rechecked, and checked again that all steps were followed but I still get: HTTP Error 403 - Forbidden You are not authorized to view this page My head hurts from banging it on...more >>

Thanks in advance for your help ... Environment: .. We have several IIS servers, one for each of the following: Exchange 2003 OWA, Sharepoint 2003, and CRM 3. .. All are Windows 2003 and part of the same domain .. Web access is set to integrated on all servers. .. Network is behind a Symant...more >>

I am running IIS 5.1 on XP SP2. I have two virtual directories in the same Web site that have anonymous access disabled - one contains HTML pages and the other contains a CGI executable. One of the HTML pages has a form which executes the CGI. If I open a new browser window, and then ope...more >>

Heres my problem: There is a webserver at work, win2k, that originally was joined to the domain, but is always logged on locally. We can't get it to audit security events - domain policies override local policies. We logged on with an admin account from the domain to attempt to look at the...more >>

Hi all, I've read the posts on multiple SSL certs on virtual servers, as well as the kb articles (again) and I'm wondering if anyone has had the same issue I'm getting now. In the past I've always managed to get multiple certs working by either using a different port or a different IP address...more >>

I'm using IIS 6.0 on a Windows 2003 Std, I have created Virtual Directory called test\ and in there I have index.htm and also web.cer (web.cer is the certificate that I want my users to download for there PDA's) the index.htm displays OK but when I click on to the link that points to web.cer I...more >>