Re: Strange password behavior with Linux

From: David Wang [Msft] (
Date: 03/28/03

From: "David Wang [Msft]" <>
Date: Thu, 27 Mar 2003 22:51:05 -0800

There are various technical reasons why IIS6 is only available on Windows
2003. W2K also does not have the necessary technical support for IIS6, and
as NT4 has shown, an SP should not introduce new features (and introducing
the technical support would be a pretty big feature)..

This posting is provided "AS IS" with no warranties, and confers no rights.
"Martin Rådbo" <> wrote in message
David, you pointed me exactly in the right direction. Thanks for that.
You also got a point that the UNC-method in IIS5 is not really ready for use
Do you know if it is possible to upgrade to IIS 6.0 without upgrading the
whole server to .NET (Windows 2003)?
 Martin Rådbo       Tel:  +46-31-54 54 80
 Väderskiftesg. 12  Fax:  +46-31-64 32 64
 418 31  GÖTEBORG   Mob: +46-708-77 01 03  ICQ: 6433239
"David Wang [Msft]" <> skrev i meddelandet
> Sounds like you are talking about having a vdir whose physical directory
> a UNC share, and you want pass-thru authentication.
> If you configure the UNC Username/password for a vdir, then requests to
> UNC share via the vdir will all be made by this configured user.  If you
> not, there are some other steps to be done to allow "pass-thru"
> authentication, where the authenticate user is used to access the UNC
> The latter sounds like the behavior that you want.  Due to an UI bug, if
> ever set the UNC Username/password, even after you uncheck it to "allow
> pass-thru authentication", it still won't work.  The way around this bug
> to either never set the UNC username/password option, recreate the vdir,
> use ADSUTIL/some-other-metabase-editor to delete the UNCUsername and
> UNCPassword properties of the affected vdir.
> There's a bunch of KB articles on the subject of IIS and UNC ( Q214806 is
> the primary one).  This issue does not have a clean solution with IIS5
> it is not supported, scalable, performant).  With IIS6, the UNC scenario
> works very well (performance, scalability, and supported).
> --
> //David
> This posting is provided "AS IS" with no warranties, and confers no
> //
> "Martin Rådbo" <> wrote in message
> news:b4c9g1$1vv$
> We encounter a strange behavior with password sent från IIS to our File
> server. I hope someone could give me a clue about this:
> Files on a file server  A normal connection from the windows server, (for
> example mapping a drive letter in Explorer) works fine with the
> user/pass.
> The webserver runs IIS 5.0 with all latest servicepack and stuff.
> When setting up a website we point the home directory to the share on the
> fileserver together with appropriate user/pass. Second configuration is to
> allow Anonymous access and entering a user/pass for this.
> The user/pass sent to the fileserver when an anonumous user is accessing
> wwebsite is never the one entered as the anonymous account, instead the
> user/pass entered for the file share is used all the time.
> This is not a problem as far as we use Anonymous access since we can enter
> the same user/pass for both Anonymous access and for the home directory's
> access to the file server.
> But, when we disable Anonymous access and the user accessing the website
> enters a user/pass, this is never sent to the file server for
> authentification. It is as I said before, only the user/pass entered for
> home directory is sent to the file server.
> This way the user/pass entered by the user accessing the website has no
> effect. Well, it has the effect that the user must enter a username which
> exist on the webserver  but that means that a user on the server easily
> access all other sites and that is of course not the idéa.
> Our fileserver is a Linux (debian) with a samba share but the problem is
> equal when using a local fileserver with Windows on the same LAN which is
> member of the same domain.
> It seem that IIS change the way it handles password when home directory is
> not local.
> Anyone?
> Sincerely
> Martin Rådbo
> Teknologia