Re: Problem establishing SSL connection in code-behind



It appears that you have the correct audits configured on the machine. The
audits being recorded are all of the security events, some of which
correspond to the web server processing logons. The 540 event is the logon
event you would be looking for and the event details should contain the
username of the user who was authenticated, the logon package used, the
source IP address, etc. The time should also match when the wfetch or .NET
code executed.

The key is to look in the details of these logon events to see if you see
anything different between what is generated for wfetch vs. .NET. That is
likely the key to the troubleshooting.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"gnewsgroup" <gnewsgroup@xxxxxxxxx> wrote in message
news:45ac50fe-7d46-48f2-8e69-b860e08c8e5b@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Jan 4, 4:04 pm, "Joe Kaplan"
<joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
You aren't going to get much useful info from the client side. What do
the
logon audit events on the remote server say for both the working case and
the failing case?

Regarding the fact that you get the same results with and without SSL,
that
is not surprising as we already ruled out that SSL was the problem in our
previous discussion.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"http://www.directoryprogramming.net

OK, it looks like that logon audit log says that all logon have been
successful. See the screen shots at the following URL.

http://gnewsgroup.googlepages.com/logonauditscreenshots

But, are those logon/logoff stuffs web events?


.



Relevant Pages

  • Re: Web Single Sign On
    ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... current Windows credentials to the server, ... This common identity is the user's username used to logon to the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Validating Old Passwords Before Changing Them
    ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... I'd like to write a custom logon control, and I've run into a snag ... Doing an LDAP Bind() fails with the current creds. ...
    (microsoft.public.windows.server.active_directory)
  • Re: SetPassword and ChangePassword Invoke
    ... You can't get out of that state programmatically with ADSI using ... Win Logon has some special way that it handles this, ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ...
    (microsoft.public.windows.server.active_directory)
  • Re: Password Expiration
    ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... ' Expire the password so it must be change at next logon. ... Whenever this script runs, the user will need to change their password ... maximum password age affecting domain user accounts is a domain-level ...
    (microsoft.public.windows.server.active_directory)
  • Re: Normal Logon Failure Audits?
    ... > Finally have the dialup lockup problem resolved, now on to the logon ... audits. ... > by advapi in the security log are simply just attempts by winxp itself to ... > login to existing accounts with a blank password. ...
    (microsoft.public.windowsxp.security_admin)