Re: Question about windows integrated security

From: NWx (test_at_test.com)
Date: 01/31/04 

Date: Sat, 31 Jan 2004 08:18:05 +0200

Hi,

> It would be unusual for a local admin not to be able to access a page
*but*
> it is possible to remove access to admins from a page. Check the NTFS
> permissions.

This is a test server, so it cannot be accessed over internet
The virtual folder is located on a FAT32 drive, do there is no file or
folder restriction available.

> Next - I would enable auditing for "logon failures" if it's not currently
> enabled. You will then see, in the security Event Log, and logon failure
> event, recording the account that the server thinks it being used, and a
> possible reason why the logon is failing.

Sorry to ask, but how can I do this? I don't know much beside basic settings
(minimum necessary to be able to setup virtual folder for a web app -
ASP.NET, ASP or PHP) about managing IIS.

Actually, I tried connecting to the server again, but probaly I changed
something since last time, and now I get a different behaviour: user logon
form opened by browser has TTMSERVER\Guest filled automatically in user
login, and it is disabled (so I cannot change it to John anymore), so I can
only enter a password.

What could be the reason for this?

Many thanks for your patience.

Cheers

>
> What you have setup should work, but for some reason it's not, so we need
to
> try and work out where it's failing.
>
> Cheers
> Ken server
>
>
> "NWx" <test@test.com> wrote in message
> news:er2NWP35DHA.2908@tk2msftngp13.phx.gbl...
> : Hi,
> :
> : > Not only do you have enter a valid user account for the server, but
that
> : > user account needs to have appropriate NTFS permissions to the actual
> file
> : > you want to read off the server's hard disk. I would check the NTFS
> : > permissions on the server.
> :
> : User account I try to logon with has admnistrator rights, so it can
access
> : and file and folder.
> :
> : Do you have any other suggestion?
> :
> : Thank you.
> :
> :
> :
> : >
> : > Cheers
> : > Ken
> : >
> : >
> : > "NWx" <test@test.com> wrote in message
> : > news:%23Pcl30Y5DHA.1816@TK2MSFTNGP12.phx.gbl...
> : > : Hi,
> : > :
> : > : I developed a small test app using ASP.NET. I left the vistual
folder
> to
> : > be
> : > : accessible only with windows integrated security.
> : > : I try to access that app from another PC in my LAN. I don't have a
> : domain
> : > : controller, the lan works with Workgroup.
> : > :
> : > : When I access that page, I get a user login dialog, aking me to
enter
> : > : username / password
> : > :
> : > : I have an user account on that pc, and try to enter that username,
and
> : > pass,
> : > : but autantication fail and I see that dialog again and again.
> : > :
> : > : To be more specific
> : > :
> : > : server pc is called TTMServer
> : > : PC I try to connect from is called TTMWS
> : > :
> : > : On TTMServer I have a user account with administrative privileges,
> John,
> : > : password John22
> : > : On TTMWS I also have an account John, with pass John22, admin
account
> : type
> : > : too
> : > :
> : > : I work on TTMWS, and I'm logged on account John
> : > :
> : > : When I try to access my app
> : > :
> : > : http://ttmserver/Testapp
> : > :
> : > : I get the user login window.
> : > :
> : > : I try enter user John or user TTMServer\John, and pass John22, but
no
> : > luck.
> : > : I'm not autenticated, so I cannot see that page
> : > :
> : > : What I did wrong? How someone over internet, who have a user account
> on
> : a
> : > PC
> : > : hosting the web server, can access a app which uses Windows
> : autentication
> : > ?
> : > :
> : > : Thank you for any help
> : > :
> : > :
> : > :
> : >
> : >
> :
> :
>
>

Relevant Pages

  • Re: Allow log on locally in Default Domain Controller Policy.
    ... has a reason for local access to a DC. ... Even placing an FTP server on a DC, ... you can still set up your permission to avoid giving local logon access to ... >> There is no reason that a normal user needs to logon to a Domain ...
    (microsoft.public.cert.exam.mcse)
  • Re: Allow log on locally in Default Domain Controller Policy.
    ... There is one reason why a normal user needs logon locally permissions to ... If the user needs FTP access to the server, ... HAVE to give him local logon rights, just because that's the way IIS works. ... > There is no reason that a normal user needs to logon to a Domain Controller. ...
    (microsoft.public.cert.exam.mcse)
  • Re: Allow log on locally in Default Domain Controller Policy.
    ... > has a reason for local access to a DC. ... Even placing an FTP server on a DC, ... > you can still set up your permission to avoid giving local logon access to ...
    (microsoft.public.cert.exam.mcse)
  • SBS 2003 folder redirection, offline files, ..and more
    ... I've worked lots with pcs, general networking, Netware server etc. ... I am familiar with folder redir, ... machine, logon as themselves, get their data off their U drive...yes I ... if..."administrators and other users do not have access rights to the ...
    (microsoft.public.windows.server.sbs)
  • Stand-alone DFS and non-domain users
    ... Recently we got to a storage room shortage, so I bought a Dell NAS ... Our domain controller is 2000 server. ... users got to our folder when they tried to go to thier local ones). ... The problem is with those users who don't logon ...
    (microsoft.public.win2000.file_system)