all groups > iis security > april 2007
Getting 404 errors on files that are present
Posted by Tom Miller at 4/29/2007 6:00:58 PM
I run a website with over 770,000 files for downloading. I am getting 404
errors for files that you can clearly "see" because the page that you're
seeing was created on the fly by the directory browsing feature. I don't
think I was having this much trouble with the Server 2000/iis v? but I seem
t... more >>
You are not authorized to view this page
Posted by Bob at 4/28/2007 12:00:00 AM
Hi
I have two IIS servers with similar setups,
When I logon to the server and use IE to view the website, everything works
as expected on both servers
When I use a different computer to view the same pages, then one works OK,
and the other gives me the error in the subject line.
Lookin... more >>
KDC Service Account
Posted by Tony Holm at 4/27/2007 5:24:03 AM
I am trying to configure OWA with patch for KB 920209 to enable Smart Card
login to OWA.
Part of the KB is creating a KDC Service Account, which appears to require
using "setspn". The examples leave LOTS to be desired.
Do I run setspn on the OWA server or domain controller?
One of the co... more >>
Integrated Windows Authentication and Domain prefix on popup
Posted by Braulio Diez at 4/27/2007 1:52:02 AM
Hello,
first of all... "sorry in advance" I come from the development world and
I'm not quite good at the admin. Jargon :-).
In the web application that we have we are using "Integrated Windows
Authentication", what it happens for users that want to authenticate from
outside the doma... more >>
Security question (virtual directory)
Posted by Martijn_online at 4/26/2007 10:42:10 PM
I can not protect files that are in a virtual directory. What is wrong?
Situation:
- three Windows 2003 server:
S1: primary server
S2: Exchange + IIS 6 (with intranet)
S3: printer and file services. Including \\D3\Data share
- on S2:
1. intranet website with root in C:\inetpub\wwwroot... more >>
Using SSL with 2 WebSites
Posted by Eric at 4/26/2007 6:38:27 AM
I have installed Windows SharePoint Services and I am using SSL with
it.
We are going to have 2 domains, one internal and one external, but in
IIS they are still the same virtual site.
Is there a way I can get SSL to work with both domains?
Such as https://sharepoint (internal) and https:... more >>
Notify user of SSL 3 requirement
Posted by cats solutions at 4/25/2007 3:54:02 AM
We have enforced SSL v3.0 or TLS v1.0 on our server (Win 2003 Srv R2 with IIS
6). When I try to connect using only SSL v2.0 I just get a Page Cannot Be
Displayed error message.
What I want to do is this:
I want the user to connect an unsecured page which runs a script to see if
the clien... more >>
defacement by Turkish hacker
Posted by Jheer at 4/24/2007 8:20:00 PM
2007-04-20 01:59:43UTC 88.229.55.206 Hacked By Nið-DeLi
Defaced a page on just 1 of my sites. PUT /index.htm to plant the file using
Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1,
was the method. I have since repaired this per MS KB 241520. prob should
suggest others disable the ... more >>
Access denied in subdirectory
Posted by Roman Mellenberger at 4/24/2007 1:11:58 AM
Hello,
i have a problem configuring IIS6 to enable http downloads. I have a
subdirectory on Inetpub\wwwroot called download. There I put some
files (.exe and .dll) for downloading. I also registered MIME types
(.dll and .exe) as Application/octet-stream.
The download via Browser from the ro... more >>
certificate problem
Posted by locoytravieso at 4/23/2007 5:06:01 PM
Hi All-
I repurposed a virtual server and an old certificate to a different CA is
stuck in IIS and I can't figure out any way to remove it. Additionally, when
I try to submit a new certificate it goes to the old location. Do I need to
just start over from scratch and reinstall Windows to ge... more >>
Enabling/disabling SSL via script
Posted by Shawn Hansen at 4/23/2007 3:59:19 PM
I have a situation where I'm trying to copy files via the Windows XP WebDAV
redirector to a Sharepoint server that has SSL enabled. Problem is that the
XP WebDAV redirector does not support SSL. If I temporarily disable SSL on
the site, the file copy works fine. I can then re-enable SSL an... more >>
IIS Certificate
Posted by fisherman152 at 4/23/2007 1:58:03 PM
I have a website and installed CA on the server, and created a SSL
connection, everything is fine until I enable the client require certificate.
I have followed the link and followed the instructions
http://msdn2.microsoft.com/en-us/library/aa302412.aspx, but when access the
page the certif... more >>
Disabling HTTP TRACE METHOD in IIS 6
Posted by wayne NO[at]SPAM piercedknob.co.uk at 4/23/2007 12:17:11 PM
Hi everyone,
I have spotted a few posts on this matter but still a little
confused. Some people are saying that you need to install URLScan in
order to disable this however i don't really want to install this and
would much prefer to just disable it without the installation of
additional ... more >>
can't success on ssl
Posted by keyser soze at 4/20/2007 2:04:12 PM
hi
i'm trying to setup ssl
following some guides like
http://technet2.microsoft.com/WindowsServer/f/?en/library/c809b2b8-5558-421f-96d4-53d959e905c71033.mspx
but i can't make ssl work
if i browse the site with "http://"
the web server notifies me an "403.4 - write httpS:// instead"
but wh... more >>
Digest Authentication - IIS6
Posted by Pablo A. Allois at 4/19/2007 6:06:35 PM
Hi everybody,
First, I apologize for my English.
I am fighting with a web site to setting up to use Digest
Authentication.
I set the domain correctly, DNS are ok, but I can't login to the
website.
If I setup the website with Basic authentication works fine (f... more >>
Adding SSL to a framed website
Posted by steve at 4/19/2007 3:12:37 PM
Hi all,
I have two websites (www.site1.com and www.site2.com) running on IIS on two
different machines. One of the pages on site1 uses frames, and the main
frame contains a page from site2. I wish to enable SSL on both sites, but am
concerned that when the frames-page on site1 is accessed t... more >>
IIS - Internet Explorer - Not Prompting for Credentials
Posted by Mark at 4/19/2007 8:52:01 AM
We have a website in IIS6 that we have protected using Integrated Windows
authentication with Anonymous access disabled. The normal behaviour in IE6
when hitting this site over the Internet is to prompt for credentials.
However, we have run across 3 IE6 installations (6.0.2900.2180) that do no... more >>
Cannot Get Anonymous Access to Work
Posted by Will at 4/18/2007 5:23:42 PM
I'm setting up an IIS 6.0 public server, and I've run into problems getting
anonymous access to work. We of course gave read access to the
IUSR_<MachineName> account to all of the application's files under InetPub,
but we are getting 401.3 errors indicating ACL problems.
If we select the... more >>
Purpose of IWAM Account IIS 6.0?
Posted by Will at 4/18/2007 5:20:55 PM
Is it right that the only purpose of the IWAM_<MachineName> account is to
run any process that is spawned from within the IIS 6.0 server process?
What is the security context of an ASP application that runs in the server
process without spawning a separate process? The IIS service appears t... more >>
Renew SSL Cert With New Company
Posted by Cy at 4/17/2007 8:21:16 AM
I am in the process of renewing my existing SSL cert with Network
Solutions. It is currently with Verisign. I would like the current
cert to be valid until I install the new one. Is there a way to
generate the CSR without removing the current certificate? In IIS 6.0
do I:
- Renew the current ... more >>
Is it dangerous to use a local administrator account for anonymous access to a secure site?
Posted by Paulaner at 4/16/2007 9:48:52 AM
We have a web application that uses asp pages and javascript to
display information to users. We want the data to be secure, so the
login page will redirect http:// users from port 80 to https:// on
port 443. We prompt for a username a password, then use an isapi
filter to authenticate the... more >>
Urgent help: Possible security breach
Posted by Gaspar at 4/13/2007 9:10:06 AM
When I arrived this morning to my office I noticed that the intranet's
home page was modified: Some images were erased, others changed, etc.
The strange thing is that the modification time is 20:15 and no IT users
work at these hours (work time is 9:00 to 17:00).
I'm now thinking of some sec... more >>
How to pass user credentials to IE
Posted by kanes NO[at]SPAM ims.com.au at 4/13/2007 1:15:31 AM
Hi,
My application needs to call a IIS web based application that requires
Windows based authentication. The user credentials that our
application will use is not the same as the user logged onto the
workstation. When calling the web page, IE prompts for a user ID and
password. I would like t... more >>
IIS 6 and IE6 sending authentication via URL?
Posted by Transam388 at 4/12/2007 5:34:04 AM
Not sure if this is IIS or IE but I think it may be both. Anyway, we have a
SharePoint web site that requires a log in to access. The issue is we also
need to monitor this web site to make sure it is available. MOM has a
utility to check web pages but with this page requesting a login of c... more >>
How to disable HTTP trace in IIS 5
Posted by yklee at 4/11/2007 8:24:01 PM
i'm not familiar with iis or http and its jargon. my iis5 server (windows
2000 sp4) is currently hosting our website & owa. it is a requirement to
ensure that the http trace is disabled on the server. i have tried but still
could not understand what or how to configure the urlscan.ini to just d... more >>
Certificate authority
Posted by Jim in Cleveland at 4/10/2007 1:08:06 PM
I'm trying to Implement the Change Password feature with Outlook Web Access
(Q297121). I followed the procedure documented in Q228821 about generating a
Certificate Request file. I created the file but now it says I have to
submit this file to a Certificate Authority. Where do I find one to... more >>
can someone explain this weird behaviour?
Posted by Mich at 4/10/2007 11:33:22 AM
Hi,
The situation: windows xp pro sp2 (IIS 5.1).
In the windows of IIS management, all virtual maps are under "Default
website".
The property "Map security" is first set on "Windows Integrated
Authentification".
There is a virtual map with property "Map security" set to "Anonymous
a... more >>
server certificate greyed out
Posted by locoytravieso at 4/9/2007 9:06:04 PM
Hello-
I completely screwed up my OWA so I uninstalled Exchange and IIS both. Now
when I go under the properties of the directory I want to secure the "Server
Certificate" button is greyed out and if I go to View Certificate it shows a
certificate I don't even HAVE installed any more. How d... more >>
IIS IUSR_ PROBLEM
Posted by in da club at 4/5/2007 2:03:09 PM
I have installed iis 6.0 on my win 2003 server..
I created a web site and give IUSR_MAchinename account to access web site
with only integrated windows authentication.
I put my files into wwwroot folder and give the all permission for
iusr_machinename account.
When i try to access ... more >>
UNC Virtual Directories; NTFS permission authentication not accept
Posted by Jason Carter at 4/4/2007 7:42:05 AM
This one is driving me crazy. Here is the environment:
I have one web server, Windows 2003 R2; IIS 6.0, and a files server running
Windows 2003 R2. Both servers are part of a Windows 2003 native Active
Directory domain.
Virtual directories have been created on the web server pointing to a... more >>
Convert Self-Signed Certificate?
Posted by lucius at 4/3/2007 11:41:12 AM
Using an internal Microsoft Certificate Authority server, I have
created a root CA and signed many web site certificates. The latest
version of IE makes these IIS/MS-CA SSL sites look "criminal" because
the certificates were not signed by Verisign. I give up. How can I
convert my root CA certifi... more >>
How to disable SSL v2 support on IIS 6.0?
Posted by Ray Yan at 4/2/2007 9:16:03 PM
Hi there,
We're running a website on a IIS6.0 / Windows2003 SP1 server, with a Thawte
web server certificate installed to enable HTTPS access. Now we want to force
client connections use SSL v3 or TLS 1.0 or TLS 1.1 or better, so we decided
to stop supporting SSL v2 on this server. But we w... more >>
User Accounts Locked Out!
Posted by Adotek at 4/2/2007 1:21:01 AM
Hi All,
I have this morning put a new IIS 6 server live, since which I am
getting reports that user accounts are being locked out as soon as
they visit the site on the new server (Intranet). We are using
integrated auth.
I haven't fully investigated this yet, just wondering if anyone can
h... more >>