Can I have more than one IUSR_ account per site If the main site has the default account can I specify a different one for a folder in the site and still maintain the default for the rest of the site? ...more >>

Our apps developers created a website with a link for comments. When users click on the link to enter comments it asks them to enter username, password and domain name. I checked the settings for this page and the windows autentication is selected (I should mention that this website is inter...more >>

Dear Sir, Can anyone help me on this topic. 1. How secure is Internet Authentication Service (IAS) that support Remote Authentication Dial-In User Service(RADIUS)? 2. Advantage & disadvantage of IAS&RADIUS compare with DMZ? I really appreaciate your help and time Thank you so much ...more >>

Hi all, I have a Web site, on the server side, a Word compatible document is created. On the client side, an instance of Word opens this document, applies some headers and footers, and attempts a Save-As. However, I get the above error on the following call : Call doc.SaveAs(docName,...more >>

I have a certifcate set on my one of my servers set as issued to something like myserver.local which works fine. But when I goto the site by another name it is known by (ie othername.local ) I get the security warning that the cert was registered under the other name. Is there a way to have the ...more >>

I have a windows 2003 stand alone iis server that has a ftp server running. I have 2 virtual directories that are on other servers. I am trying to setup an ftp user so that they can access these virtual directories. What I have already created a user on both servers so it does passthrough ...more >>

Hi, I'm hosting an Anonymous FTP server (read only) on IIS 5.0 I often get attacks lasting about 20 minutes of a user attempting to login as Administrator. I have a strong Administrator password so it always fails, but at first, the event log would fill up with Security Autit Failures, so...more >>

Environment: Windows 2003 SP1 Exchange 2003 SP2 Problem: I'm trying to install a SSL certificate for OWA (default site). I've used SelfSSL out of the IIS Resource Kit. I installed the certificate through the CLI, and went to edit the options under the Directory Security Tab in the ...more >>

Is there a way to stop a brute force attack on IIS 5.0, my log file shows a lot of attempts to login as Admin on my FTP site.. ...more >>

Hi all, I am managing local network of about 10 systems. All the system are used by ..Net Developers. They all require IIS for developing & testing web applications. What I hav to do is to give them administrator permissions. Because below that don't work. And when developers debug their appli...more >>

Hello everyone, How are you? Strangely I have the problem with closed port 80,,. I read many problems about opened port 80 but not like mine port 80 always i9s closed. My web server with Win 2003 enterprise worked fine for more than 2 years and suddenly last 10 days my web pages do not sh...more >>

ADODB.Stream error '800a0bbc' Write to file failed. I know this usually means I don't have the correct user access setup on the directory I am trying to write to, but I have added "everyone" w/ full permission and it still doesn't work. Im wondering if there is something wrong w/ IIS a...more >>

Hello's We are in the process of evaluating whether to enable password change via IIS on our Intranet site which is accessible to the outside world after presenting valid Domain credentials. What security concerns should i be aware of by turning on the Enable password change property in the ...more >>

Hi, I have a server having the HTTPS or SSL but I like to redirect it to other SSL/HTTPS in other serverS. is there a way to do it in IIS in windows 2000 server? regards, IIS help...more >>

I have set up a website with SSL on machine "A" and requested a certificate - Installed Stand alone CA on machine "B" and invoked the certifikate on this and imorted that to machina "A". It works, but clients cannot accept the certificate. They get a "Windows does not have enough informatio...more >>

We have requested and installed a new public certificate for this server however when a page is requested the old certificate is offered. This gives a warning pop-up that the certificate has expired. According to the IIS Administration Snap-in the correct certificate is installed. Why this ...more >>

We are using a Win 2003 server, running IIS 6.0. We have company blogs on this server, using Moveable Type. We are trying to restrict access to some of our Blogs by password-protecting them at the server level. However, we have found if we take the IUSR_Webservices user off the list, the Blogs d...more >>

I have implemented MS Article ID 187498 to do this. However, when we run open ssl against our win2003 IIS server to check that the change is made it detects 2.0 as still enabled. Has any one had this issue? IS there another process specifically for IIS 6? I'd appreciate any info. Thnx ...more >>

Hi, I have the following configuration Two Active Directory Domains in two separate forests. Domain A Windows 2000 Domain B Windows 2003 I have a one-way trust between them such that B trusts A I have a web application running on a Windows Server 2003 installation using IIS in Do...more >>

Can anyone recommend any programs (freeware preferred, but not necessarily) for testing one's own server for security holes - particularly with respect to permissions, but also more generally? Thanks. ...more >>