Re: How to troubleshoot 401 error when connecting using NetworkCre

---

• From: "Henning Krause [MVP]" <newsgroups.remove@xxxxxxxxxxxxxxxxx>
• Date: Wed, 29 Mar 2006 10:45:35 +0200

---

Hello,

For digest authentication to work, the passwords of the user accounts must
be stored using reversible encryption. At least, this is true for IIS 5.
Don't know if this problem is solved in IIS 6, though.

See http://support.microsoft.com/default.aspx?scid=kb;en-us;222028

Greetings,
Henning Krause

"Joe" <Joe@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:879099E3-0052-4575-8EE1-73D9258C54E4@xxxxxxxxxxxxxxxx

Thanks for responding.

which version of IIS is this??

My dev machine is running XP Pro SP1, which I think is IIS 5.1.
But in production I will be using W2003, so IIS6.

in IIS6, digest auth only works against domain accounts by default -

I am using a domain account: i.e. I am instantiating a NetworkCredential
object using a username, password and domain.

why are you using digest? to get around SSL??
You HAVE to enable SSL - regardless of the authentication method -
otherwise
all your communication will be clear text.

My understanding from the IIS documentation is that digest authentication
does *not* transmit credentials in clear text - which is why I want to use
it
rather than basic. The application is intended for use in an Intranet
environment and SSL seems overkill.

Basically I want to be able to connect to a remoting server or web
service
using credentials other than those of the current user; avoid sending
credentials in clear text; and avoid the overkill of using SSL (needing a
certificate on the server etc).

.

---

• Follow-Ups:
  • Re: How to troubleshoot 401 error when connecting using NetworkCre
    • From: Dominick Baier [DevelopMentor]

• References:
  • Re: How to troubleshoot 401 error when connecting using NetworkCredent
    • From: Dominick Baier [DevelopMentor]

• Prev by Date: Re: How to troubleshoot 401 error when connecting using NetworkCre
• Next by Date: Re: if I encrypt key data why do I want or need SSL?
• Previous by thread: Re: How to troubleshoot 401 error when connecting using NetworkCredent
• Next by thread: Re: How to troubleshoot 401 error when connecting using NetworkCre
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: How to troubleshoot 401 error when connecting using NetworkCre ... For digest authentication to work, the passwords of the user accounts ... Don't know if this problem is solved in IIS 6, ... (microsoft.public.dotnet.security) User accounts for FTP access ... Is there a way to set up the FTP server on IIS to use certain user accounts? ... For example, I want to create username and passwords that can get access, ... (microsoft.public.inetserver.iis) IUSR & IWAM Accounts ... Assuming you have already re-created the accounts, ... will now need to tell IIS to use the new ones. ... same password stored for these user accounts. ... old user names and passwords. ... (microsoft.public.inetserver.iis) Re: security breach? ... If your XP firewall is not blocking oubound connections, ... There are various trojans that allow remote access, ... email passwords to a hacker's email address, ... are running IIS, find and look at your IIS log files, if they exist. ... (microsoft.public.security) Re: Identify which users are running which asp pages ... This can be figured out if you recursively search through the IIS metabase ... on that machine looking for hard-coded user accounts for UNC-access, ... Anonymous-Access, or AppPool Identity (any other form of hard-coded accounts ... (microsoft.public.inetserver.iis)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2006-03