Re: asp/xml security problem in IIS
From: Thomas Deml [Msft] (thomad@online.microsoft.com)
Date: 12/05/02
- Next message: Thomas Deml [Msft]: "Re: Interperting IIS Log Syntax"
- Previous message: Thomas Deml [Msft]: "Re: Path Specific Authorization for IIS 5"
- In reply to: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Next in thread: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Reply: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Reply: jt: "Re: asp/xml security problem in IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Thomas Deml [Msft]" <thomad@online.microsoft.com> Date: Thu, 5 Dec 2002 00:49:44 -0800
For this to work you have to do one of the following:
1) Use a domain account as anonymous user (the IUSR account is completely
configurable) and give this domain account rights in SQL Server.
2) If you have to use a local account you have to have to not only sync the
username between the IIS and the SQL box but also the password.
Hope this helps.
-- Thomas Deml Lead Program Manager Internet Information Services Microsoft Corp. "Karl Levinson [x y] mvp" <levinson_k@excite.com> wrote in message news:#DK9HW7mCHA.968@TK2MSFTNGP09... > > "jt" <jtingres@comcast.net> wrote in message > news:tuSdnURaafHOq3GgXTWcpg@comcast.com... > > We have an asp page that uses xml to get information from another > database. > > The problem is since we did some microsoft updates, only administrators on > > the box can see the webpage. All other users on the domain can not see the > > page the xml fails. IUSR has the proper rights on the folder and we have > > lowiis and anoymous checked. Can anyone think of what the problem could > be. > > Thanks > > Well, I suppose you could enable auditing on the web server and/or database > server. It could be that the account you think is being used is not the one > being used. As you may know, if the folder containing the .ASP script is > set to Medium or High "Application Isolation" in the IIS MMC, then the > IWAM_computername account is being used instead of IUSR. > > More info: > > http://securityadmin.info/faq.htm#auditing > http://securityadmin.info/faq.htm#iwam > > Or, it could be that the password for the IUSR account [or whichever account > is used to access the database] has changed either on the web server because > the IIS MMC is set to control the password, or on the SQL server because a > SQL or other patch was installed. This would probably be apparrent after > you enable auditing. You could confirm whether this is the case by trying > to log into windows on the web server using the IUSR account and the > password you think is assigned to the IUSR account, or by using the > ADSUTIL.VBS command to retrieve or set the password for the IUSR or IWAM > account in the IIS metabase. More information on using ADSUTIL can be found > by searching www.microsoft.com/support for the word ADSUTIL. > > > >
- Next message: Thomas Deml [Msft]: "Re: Interperting IIS Log Syntax"
- Previous message: Thomas Deml [Msft]: "Re: Path Specific Authorization for IIS 5"
- In reply to: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Next in thread: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Reply: Karl Levinson [x y] mvp: "Re: asp/xml security problem in IIS"
- Reply: jt: "Re: asp/xml security problem in IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
