Re: IISADMPWD Issue
From: Karl Levinson [x y] mvp (firstname.lastname@example.org)
From: "Karl Levinson [x y] mvp" <email@example.com> Date: Thu, 17 Apr 2003 09:53:46 -0400
I believe there are some known security issues with the IISADMPWD page
[specifically, the .HTR files that are necessary for the page to work]. I
would recommend writing your own ADSI script by copying the sample script
found at www.iisfaq.com or www.google.com It should be easier than you
Try enabling failure auditing on the web server and the domain controllers
to see who is being denied access to what:
Also, I am guessing that you want to make sure that Anonymous authentication
is not enabled on those files.
Here is some more information that may help you:
"Victor" <firstname.lastname@example.org> wrote in message
> I am trying to utilize the IISADMPWD/Password Change
> features in a W2K environment. I am using the MS
> Certificate Services on a local W2K server and the
> IISADMPWD virtual directory is on a different W2K server.
> I can access the password change page fine, but when I try
> to change the password for a domain account, I get the
> following response:
> Logon Failure: user account restriction
> This happens with any domain account account I try to
> change the passsword for.
> Domain Group Policies as well as Group Poicies for Member
> servers are in effect, but I cannot figure out if and
> which policies are casuing the error.
> Any help will be appreciated.