trying to post to aspx anonyomously is blocked?

From: Larry (Larry_at_froghaven.com)
Date: 04/19/04


Date: Mon, 19 Apr 2004 09:16:43 -0700

I have written a webform page to respond to a users post on the web site.
This worked on the test site which had anonymous turned off. I then moved it
to the regular web site (copied the files, reinstalled the FP extension) and
chaged the setting for anonymous use. but when I try to post the form
results to the aspx page I keep getting the windows authentication dialog.
If I go ahead and give the credentials the page goes ahead and works but I
want this page to work without having need a log in.

I've tried everything I can think of concerning the permissions (which to my
way of thinking must be the problem) on the files and directories that the
aspx page resides in, and the various dotnet directories (per the setting up
an ASPUSER account KB). I've tried adding IUSR_machine to all of them, and I
still get the log-on challenge.

Someone (from the usoft support center) told me once that the NETWORK,
SYSTEM and INTERACTIVE accounts have to have full control on all the
directories, so I check and in some cases modified those to have full
access, still the same behavior. (BTW is there a white paper or something
that explains the purpose of these accounts, when they need to be present
and what permissions they need have when present? The security articles keep
saying remove any unnessecary accounts from various directories but never a
word of if these are needed or are they like the "everyone" account;
automatically added giving unwarrented access to things.)

My server is a win2K server and needs to run IIS (with FPextensions and
dotnet), exchange, SQL, and activedirectory. I know this is not the
recommended configuration but I don't have the billions of dollars usoft has
to run a seperate server for each function. Obviously system admin is not my
forte so I would appreciate as much detailed help as you can give me in
getting the premissions and other security setting set up correctly.

oh yes one other note of interest; I do have the aspx's web.config set to
windows authentication with impersonate set to true.

-Larry



Relevant Pages

  • Re: User configuration question
    ... I'm using AD user accounts as I'm not aware of another way of doing it. ... > SQL server back-end, then why are you using AD user accounts? ... >> and restrict them only to accessing a single web site? ... >> The web site is configured to use Windows authentication, ...
    (microsoft.public.windows.server.security)
  • Re: User configuration question
    ... SQL server back-end, then why are you using AD user accounts? ... > The web site is configured to use Windows authentication, ... the account need Local, Network, or both login rights. ...
    (microsoft.public.windows.server.security)
  • Re: User configuration question
    ... > I'm using AD user accounts as I'm not aware of another way of doing it. ... not recommend use of IIS on a DC - but in a single server SBS ... Deny local login and to Deny network login. ... >>> The web site is configured to use Windows authentication, ...
    (microsoft.public.windows.server.security)
  • Re: Unable to connect to online bank acct
    ... your bank. ... into our accounts we get one of three messages 1) http error 2)access denied ... > Page on a Secure Web Site ... > You Cannot Access Your MSN E-mail Account or Authenticate with a Web ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Sheldon Posting Bukake Photos in RFC
    ... kills all your accounts. ... Has google killed any accounts that you know of? ... doesn't give a shit about what its users post. ...
    (rec.food.cooking)