RE: Internet Explorer zones do not have secure settings for some u
- From: Jason <job2@xxxxxxxxxxxxx>
- Date: Tue, 22 Apr 2008 00:50:00 -0700
Thanks for your prompt and thorough reply.
Yes, we are running IIS in v5 compatible mode, so we need to take the time
to get our app running properly with v6. It was the non-interactive local
account that caused us worries. We've corrected our other service accounts.
Otherwise, the server is a new clean install.
Cheers,
Jason.
"Steven Cheng [MSFT]" wrote:
Hi Jason,.
From your description, the Baseline Analyzer is reporting warning against
the machine\ASPNET account since its internet zone setting doesn't fit the
expected level. I haven't used the baseline tool much, have you checked to
see whether the analyzer has any account specific customization options to
control such validation?
Based on my understanding, machine\ASPNET is a non-interactive local
account. It is the default ASP.NET process account for IIS5. For WINDOWS
2K3 IIS6, the default service account should be "Network Service" unless
you configure IIS6 to run as IIS5 compatible mode. Is this the case? If
you're not using IIS 5 compaitble mode, MACHINE\ASPNET account is not used
by ASP.NET, you can try disabing it to see whether the warning will be
eliminated.
BTW, do you know whether there has been any parituclar changes on the
server which may have customized the internet zone level of all the
accounts?
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Thread-Topic: Internet Explorer zones do not have secure settings for someusers
thread-index: Acij2WDCPMPR2o4HRvCIc2DJ0P26Sg==
X-WBNR-Posting-Host: 84.233.152.66
From: =?Utf-8?B?SmFzb24=?= <job2@xxxxxxxxxxxxx>
Subject: Internet Explorer zones do not have secure settings for some users
Date: Mon, 21 Apr 2008 10:59:00 -0700
I'm not really sure where this should be posted as this is a Baselineacross
Security Analyzer question but I'm hoping someone here would have come
this.the
I'm using MS Baseline Security Analyzer (2.0.6706.0) to check a web app on
Win 2k3 we've developed with .Net but we're getting a Servere Risk with
IE Zones for the ASPNET account.MS
The message is:
Some or all of the user settings for the following zones are below the
recommended level.
User: XXXX\ASPNET
Zone: Internet
Level: High (Custom)
Recommended Level: High
Anyone come across this before? If so, is there a method to close this
issue? I've done a few searches but I can't find anything so if not, has
addressed any concerns this error might raise?
Cheers for any answers you can provide,
Jason.
- Follow-Ups:
- RE: Internet Explorer zones do not have secure settings for some u
- From: Steven Cheng [MSFT]
- RE: Internet Explorer zones do not have secure settings for some u
- References:
- Internet Explorer zones do not have secure settings for some users
- From: Jason
- RE: Internet Explorer zones do not have secure settings for some users
- From: Steven Cheng [MSFT]
- Internet Explorer zones do not have secure settings for some users
- Prev by Date: RE: Internet Explorer zones do not have secure settings for some users
- Next by Date: Web interface for SQL Security Users and Roles
- Previous by thread: RE: Internet Explorer zones do not have secure settings for some users
- Next by thread: RE: Internet Explorer zones do not have secure settings for some u
- Index(es):
Relevant Pages
|
