RE: Internet Explorer zones do not have secure settings for some u
- From: Jason <job2@xxxxxxxxxxxxx>
- Date: Mon, 28 Apr 2008 03:38:00 -0700
Thanks for your reply. Once we remove the need for v5 isolation mode, we'll
delete or disable the user.
Cheers,
Jason.
"Steven Cheng [MSFT]" wrote:
Thanks for your reply Jason,.
How about deleting the user profile of the MACHINE\ASPNET account?
#How to delete a user profile in Windows Server 2003
http://support.microsoft.com/kb/814584
and for ASP.NET 2.0, you can use the aspnet_regiis.exe to regrant the
proper permissions for it.
#ASP.NET IIS Registration Tool (Aspnet_regiis.exe)
http://msdn2.microsoft.com/en-us/library/k6h9cz8h(VS.80).aspx
You can try this to see whether it can help also reset the internet
security zone level to the proper value.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
From: =?Utf-8?B?SmFzb24=?= <job2@xxxxxxxxxxxxx><KOhDZNCpIHA.2252@xxxxxxxxxxxxxxxxxxxxxx>
References: <8FE53475-5EF1-41AC-AB9C-FE6BC1A72757@xxxxxxxxxxxxx>
Subject: RE: Internet Explorer zones do not have secure settings for some u
Date: Tue, 22 Apr 2008 00:50:00 -0700
accounts.
Thanks for your prompt and thorough reply.
Yes, we are running IIS in v5 compatible mode, so we need to take the time
to get our app running properly with v6. It was the non-interactive local
account that caused us worries. We've corrected our other service
against
Otherwise, the server is a new clean install.
Cheers,
Jason.
"Steven Cheng [MSFT]" wrote:
Hi Jason,
From your description, the Baseline Analyzer is reporting warning
thethe machine\ASPNET account since its internet zone setting doesn't fit
toexpected level. I haven't used the baseline tool much, have you checked
tosee whether the analyzer has any account specific customization options
usedcontrol such validation?
Based on my understanding, machine\ASPNET is a non-interactive local
account. It is the default ASP.NET process account for IIS5. For WINDOWS
2K3 IIS6, the default service account should be "Network Service" unless
you configure IIS6 to run as IIS5 compatible mode. Is this the case? If
you're not using IIS 5 compaitble mode, MACHINE\ASPNET account is not
andby ASP.NET, you can try disabing it to see whether the warning will be
eliminated.
BTW, do you know whether there has been any parituclar changes on the
server which may have customized the internet zone level of all the
accounts?
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments
Pleasesuggestions about how we can improve the support we provide to you.
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notiffeel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx
==================================================
Get notification to my posts through email? Please refer to
rights.ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no
some
--------------------
Thread-Topic: Internet Explorer zones do not have secure settings for
usersusers
thread-index: Acij2WDCPMPR2o4HRvCIc2DJ0P26Sg==
X-WBNR-Posting-Host: 84.233.152.66
From: =?Utf-8?B?SmFzb24=?= <job2@xxxxxxxxxxxxx>
Subject: Internet Explorer zones do not have secure settings for some
onDate: Mon, 21 Apr 2008 10:59:00 -0700
I'm not really sure where this should be posted as this is a Baselineacross
Security Analyzer question but I'm hoping someone here would have come
this.
I'm using MS Baseline Security Analyzer (2.0.6706.0) to check a web app
hasWin 2k3 we've developed with .Net but we're getting a Servere Risk withthe
IE Zones for the ASPNET account.
The message is:
Some or all of the user settings for the following zones are below the
recommended level.
User: XXXX\ASPNET
Zone: Internet
Level: High (Custom)
Recommended Level: High
Anyone come across this before? If so, is there a method to close this
issue? I've done a few searches but I can't find anything so if not,
MS
addressed any concerns this error might raise?
Cheers for any answers you can provide,
Jason.
- References:
- Internet Explorer zones do not have secure settings for some users
- From: Jason
- RE: Internet Explorer zones do not have secure settings for some users
- From: Steven Cheng [MSFT]
- RE: Internet Explorer zones do not have secure settings for some u
- From: Jason
- RE: Internet Explorer zones do not have secure settings for some u
- From: Steven Cheng [MSFT]
- Internet Explorer zones do not have secure settings for some users
- Prev by Date: Re: ASP authentification by ip-number
- Next by Date: how can restrict access the WebResource.axd simply type URL
- Previous by thread: RE: Internet Explorer zones do not have secure settings for some u
- Next by thread: Problems with ASP.NET 2.0 application in subdirectory on a shared host
- Index(es):
Relevant Pages
|
|
