What are the minimum permissions required to adminstrate IIS6 via inetmgr? Do you have to be a local adminstrator on the web server to use inetmgr? If not, what are the minimum permissions? -- Berry Morgan JSO...more >>

I have installed a Certificate and it seems correct but I am not doing something correctly. IIS5, Server 2000. I used FrontPage to create a sub site 'test2" and checked the "require secure connection" option. FrontPage see the site as https//www.blah.blah/test2 When I brows to it https//www...more >>

I hope you can help me. Windows 20003 Server Active Directory Domain with an internal XXX.NET Domain and an external XXX.ORG Domain. I am creating our own Microsoft Internal Certificate Authority on my Domain Controller to be used on our Exchange Server and the ISA 2004 Server in our D...more >>

We recently moved to requiring Common Access Cards to access our web server. Since the implementation the lsass.exe process starts around 7mb of memory usage on a fresh reboot but climbs to around 90mb after 24 hours and 200mb after 48-72 hours. Needless to say it's killing our server after ...more >>

Hi, We are hosting our site containing simple html pages and fw asp.net pages on "Windows Server 2003 Web Edition". using IIS 6.0 All the web pages are copied under "c:\inetpub\wwwroot " directory. Under the directory security tab, under authentication methods, anonymous access is enabled...more >>

Hi Folks I wonder if anyone can help me with a problems I'm having. I've recntly moved from a shared hosting environment to a dedicated server running win 2003 web server R2 with IIS 6. Now I've been practicing setting up websites on the same confirguration at the office with server runing ...more >>

I just re-installed XP Pro SP2 (Total wipe and install) on my computer and after installing IIS the IP Address and Domain Name Restrictions button in Directory Security is greyed out. The only IP allowed access to the server is 127.0.0.1 my own computer. Before the re-install all computers on...more >>

hi, when I configure IIS server on a windows 2000 or 2003 server to use the ssl protocol, I have to make a certificate request, during which the web site generates a Key pair (public & private). My public key is sent to the CA alomg with my certificate request. I wish to know where is my...more >>

I created a test setup in a win 2003 std workgroup based network. sys 1 configured as DNS, IIS & CA service. Sys2 configured with two websites. The HHN for the fisrt web is www.abc.com with ssl enabled & for the second it was www.xyz.com. that is a normal site well every thing works fine...more >>

Our web server is found that is hacked occassionally. The server will have the following issues. 1. webpage directory will be added some *.htm file, part of file contents are shown as follows. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/ht...more >>

I want to enable secured communicaiton (HTTPS) for my web site. I am using Windows XP professional SP2 as my development box. In my Web applications settings in directory Security Tab the secured communcaiton setting is disabled...whereas the same setting is enabled on my other machine Windows...more >>

Hi!! & Hello!!! Well I have a server where I have hosted many sites on IIS 6.0. When the users I mean the public users (anyone from anywhere) if they go to their Start->Run-> from windows and type the IP address(for eg \\83.485.574.22) like this it opens up the default site with full director...more >>

Hi! I'm using a POP3 service and SMTP Service of Windows 2003 server to setup a small Mail Server Enviroment. In my "Default SMTP Virtual Server" -> Properties -> Access -> Authentication I need to allow "Anonymous Acces". If I don't do that, people can't send me mail's. My question is: ...more >>

Hello, I have a question for you all; I'm new in IIS's FTP and this is driving me crazy. I created a user in Windows, that user should have (full) access to two folders in the FTP root; what I need to do is create the permission to that user so when he logs in the server he only sees those ...more >>

Hello, I have a client running Windows 2003 Small Business Server. They have installed an app that runs under the default web site. When I am on the server or on the LAN and type in the URL: https://servername/bigtime the application comes up perfectly. However, when I try to do the same...more >>

Hi Experts: I know the purpose of signing an executable (say, by VeriSign) is to make it more securer. But can anyone explain why ? If I use my private key to sign an executable, I guess the content of the executable is changed ? Is it just the exe file header change? What if some hacker...more >>

Hello i've some WebServer (windows 2000 and windows 2003). I've a question about file Avi and Wmv : when a client call a link with a wmv file (es. www.mio.com/video.wmv) IIS start a streaming. There's a method to block this and prompt the file's Download? I try to set mime type.....(single sit...more >>

I am building a web page that will invoke a server-side process that needs to query Active Directory. I have set up a non-privileged account and have configured an application pool for the virtual directory to use this account on the identity tab. When I run the application, I am still not...more >>

hi all, i was wondering how can i secure a communication between a web server (IIS6.0) communicating or exchangeing data with a SQL Server at the backend?? thanx ...more >>

The development of a site is near completion and until now the site is accessed trough integrated windows authentication with SSL The site has to go public and therefore the IUSR_computername is enabled. Also the permissions on the virtual site and its contence for the IUSR account have bee...more >>

Hi, I have a intranet asp application runing on IIS6. with data on SQL server runing on an other computer (the two servers are member server of our active directory domain). Access to the data are based on the user account who connect to the IIS application. The application is runing on th...more >>

Is it possible to add a wildcard for a domain name restriction? For example, I want to restrict only users from a certain domain to access the site but they may be coming from many subdomains. Such as www1.mysite.com, www2.mysite.com, www3.mysite.com, etc. I would like to enter *.mysite.com Is ...more >>

I need to purchase and install a security certificate from one of the Certificate Authorities. Does anyone have recommendations re specific CAs that are good to work with (or not)? What do you believe are the most important criteria for evaluating a CA? Thanks in advance for any assistance....more >>

After I enabled SSL in IIS on my exchange 2003 server, I get no access to the site what so ever. I'm running a CA locally on my server.(it's a stand-alone, not part of the enterprise CA) If I remove the SSL requirement it works. Any ideas? ...more >>

I am publishing a web application in asp that will allow my users to access a sql database, each user will have a virtual directory that will give them an interface to access their respective database. My worry is that they will be able to access each others virtual directories and hence mo...more >>

My setup is as below - Windows Server 2003 SP1 3 websites running in IIS 6.0 a.domain.com b.domain.com c.domain.com internal IP 1.1.1.1 external ip 2.2.2.2 1-to-1 nat of 2.2.2.2 to 1.1.1.1 by firewall currently all 3 websites are reachable from outside What I want to do is enable...more >>

Greetings All, I am running a Win2003 SBS Standard server. I have 2 websites running on the server in the same domain. I have added a second IP to the server and assigned each website an IP address. I have also created separate SSL certs for each website and enabled port 443 for both. I hav...more >>

hi, i have a web application running under win2003 with IIS6. there are ASP pages that access and modify local files located in c:\folder1\folder2\*.* every thing works fine. I would like to move the files to another server on the same workgroup (there is no NT domain). the IIS server a...more >>

I have an IIS 6.0 server which is running Webfolders/WebDav If the administrator has full control to a Webfolder then ANY user that is part of the domain can logon to that virtual folder where they dont have NTFS permissions to it. Other IIS servers on the same domain dont have this proble...more >>

I setup a website which should have anon access. Under the IIS manager, I clicked the anonymous access checkbox. I restarted the webserver. It still asks for a password and username. I double checked the user account for anon access, and verified the passwords match. Stil asks for un...more >>

I have posted this in the IIS section which may indeed be the wrong place ! I have XP Professional SP2 and during installing and messinga round with IIS my Firewall stop working and cannot be displayed and therefore activated. The error says " "Due to an unidentified problem. windows cannot ...more >>

I am running wsbs2003sp1 on one machine and w2003sp1 and iis on my web server. My website is visible on the www but clients cannot open pdf documents, which i can open in my own browser. apparently ipnat.sys is running on the wsbs machine and windows firewall on the web server. I have tried o...more >>

New to this so please bear with me... I set up the: <customErrors mode="On" defaultRedirect="~/Unavailable.aspx"> </customErrors> And what it'll do is redirect to the Unavailable.aspx page, but then bring up ASP errors saying how it can't display what's going on and in order for it...more >>

I have installed Certificate Services and Certificate Services Web Enrollment Support. My problem stems from the fact that when I go to http://servername/cersrv I get a 404 Page cannot be found error. This occurs on the server and from a desktop. OS: w2k3 IIS 6.0 I am trying to get th...more >>

Dear ALL, i was wondering if there exists any plugins or filters for IIS that will allow me to limit the number of requests from a specifi IP address. or to automatically decrease the number of requests achieved from a single clients that we doubt that he is trying to carry a DoS attack due ...more >>

I have a web directory protected by SSL and basic authentication. It works fine. The user is prompted to authenticate before the page is displayed. It bothers me that there is no SSL padlock shown on the page during the basic authentication. I am guessing the logon is encrypted anyway, but I'd ...more >>

I've been struggling with a problem for the last two months that are almost driving me nuts... We have a traditional ASP.Net 1.1 web site accessing a SQL2000 database using delegation and a trusted connection. I have seen many posts regarding this setup, and we had quite some trouble getting i...more >>

Hi I'm using IIS 5.1 and I am trying to gain an understanding of what dictates whether a client sends logon credentials, in order for the Server Variable LOGON_USER to be accessible (i.e. contain useful info)? The current setup I'm working with is as follows ... There are ASP pages st...more >>

We have a little situation here: We have two servers - one web server and another fileserver. We need to expose some files located on the fileserver to users, but the file server itself is not exposed to the internet. So we created a virtual directory on our website and mapped it to the required...more >>

I recently upgraded to IIS 6. In the past we haven't used Intergrated Windows Authenication, but I thought that it would be nice to start using that instead of Basic Authenication w\ SSL. For some reason it doesn't work. I get prompted for a username\password even when I use IE (v6 SP2) whe...more >>

I have set up a Standalone CA on a DC with W2k3 (test lab) I have created a new certificate that is pending autorization from a CA. I am trying to use this pending request with my CA and I am having difficulty with this process. I have read the doco and have learned that a web interface on my C...more >>

Hi, Is it possible to give user certificates to users without having a AD, we are using a member server. If it is possible, how? Fré ...more >>

I'm having problems getting a web application working -- it's throwing a 403 error. I ran AuthDiag to determine what was wrong, and it's giving me the message: Service principal name (SPN) for user 'DOMAIN\MACHINE_asp' not found in Active Directory Is there something I can run (preferab...more >>

I am using the HTTP PUT command to upload images to IIS server. Same code uploading to IIS 5.0 works great, uploading to IIS 6.0 throws error "(501) Not Implemented". This error code is confirmed in the IIS log file. Write properties are enabled on the web folder, Read Only property is di...more >>

Hi, I have a <img src = "http:// ..."> which needs to be put in a secured page. For example on amazon when the confirmation page is displayed... The problem is that it's a secured page (https) and my tag is an absolute path... It looks like it's the problem because the tag is not secured. Wha...more >>

Hi, I need some help in configuring second SSL website in a web server on port 443. I read several articles and dicussions forms and I could n't get any solution. Please reply ASAP. Thanks ...more >>

Sorry if this has been answered, I've googled and read several FAQs. If I want to run several secured web sites on different ports on the same web server (same IP), do I need multiple SSL certificates? What I've read suggests that SSL is *only* associated with the FQDN of the site, not any par...more >>

Hello All, We have a little dilema here that I'm sure many others have faced but have not found a tech document that explains a possible solution yet. I'm still looking through the forums. We have several sites on an IIS server, and this server has http/https open to the internet. Nor...more >>

I have a W2K3 Standard server with SP1 called WEBSERVER. It is a member of DMZ.DOMAIN, DMZ.DOMAIN fully trusts INSIDE.DOMAIN. The website runs under an app pool that is a member of INSIDE.DOMAIN. If I access http://site.domain.com from inside my firewall my domain credentials are forwarded as I...more >>

I have deployed an ASP.NET 2 web app to a Windows 2003 Server with SP1 (this issue also occurred on a Win 2003 R2 server). The site is configured to use Windows Integrated Authentication (it is a local Intranet app) and the web app works with this, mostly. Frequently, however, the user will...more >>