I'm the web dev for a 200 person company, everything herein is in our corporate domain. We use Kerberos authentication - the domain controler is a win2k server. In short I have an Intranet server (win2k) hosting a .net 2 application and a test server (win2k) hosting a classic asp page. Both...more >>

Greetings, I have an asp page that allows me to start and stop services on my windows 2000 server and run some batch files as well. Now that we are upgrading to windows 2003 this page is not working. I have changed the security parameters on IIS 6.0 but still I cant run my batch (I am using...more >>

Sometimes we got an error (Not enough storage is available to complete this operation) from one of our servers which on win2000 sp 4 iis5.0 (all hotfix installed) sql server sp4. mdac 2.81. It occures random and we could not find the error reason. When the error occured the server cpu or mem or I...more >>

Hi I started to get this error after I inserted tables into my index.htm page. I have a small form (username/password) that runs to a small .asp page which then redirect based on information provided. I read a couple of post regarding this situation and it talks about installing a perl CGI sc...more >>

I need to be able to access AD to authenticate users coming to a .NET application running on an IIS which is in the DMZ... Here are the details: My .NET app resides on a Win 2003 Server with IIS6 in the DMZ of the firewall Win 2000 AD tree can be accessed through a dedicated server via IP...more >>

I have a website on Windows 2000 server with only IWA enabled. I can log into the site just fine, but if I type a bad password I get an HTTP 500 error. I can't figure out why I'm not reprompted for the password at least another time or two. I turned off "friendly errors" in IE and I now get ...more >>

Our web servers run IIS5 and we also make use of the Microsoft URL Scan utility: (http://www.microsoft.com/technet/security/tools/urlscan.mspx). By default Microsoft's URL scan utility blocks a number HTTP Methods including "HEAD". We have a number of clients concerned that blocking the HE...more >>

I know you can suppress the ftp banner in IIS 6.0 - but how do you suppress the http banner from displaying the web version? I was able to do it back in IIS 5, but it no longer works in IIS 6.0 (W2K3 SP1). We usually get written up about this during Security Assessments but the security vendo...more >>

This applies to IIS 6.0 with all current service packs at the time of this post. If you set the file permissions for any default page in a directory they will be overridden by directory permissions if the web request does not include the file name. www.abc.com/mydirectory/ Will use direc...more >>

Folks, I have 3 url's webmail.a.com, webmail.b.com and webmail.c.com pointing to a single public IP. I also have 2 OWA FE servers doing NLB with a single default website. We would like to purchase an SSL from Thawte and they told us that we need 3 public IP's an public IP per domain name. Als...more >>

When user installs certificate, he is able to access the secure website. But after he reboots, the certificate is no longer present. What can i do or look for to resolve this? Your help is much appreciated. Ken ...more >>

Hi, My Setup Server A is a W2003 server provinding sharepoint services. Using ssl 128 bit ssl. Server B is my mail server providing 128bit ssl owa. When Uses connect (externally) to server a they logon as expected but if they cllick on a hyperlink to Server b OWA services they are propmeted...more >>

Hi, I have an intranet site that is set up using ssl 128bit encryption (using my own certificate server- windows 2003 server (so thats iis 6.0) The name i used set for the 'issued to' part is its fqdn (intranet.domain.co.uk) when using the FQDN (https://intranet.domain.co.uk) it works ...more >>