Re: Frontpage search feature do not work after installing URLSCAN

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 08/01/03

  • Next message: David Wang [Msft]: "Re: URLScan on multiple servers"
    Date: Fri, 1 Aug 2003 03:05:48 -0700
    
    

    401.3 is unrelated to URLScan. It means "Access is denied by ACL", meaning
    the ACL on the resource searchlt.idq has changed such that the authenticated
    user that is accessing the resource doesn't have read permissions to it.

    You want to check:
    1. vdir containing resource uses what sort of authentication -- anonymous,
    basic, NTLM, etc
    2. who are you authenticated as when you request the resource -- if
    anonynmous, it is IUSR (unless you or FrontPage otherwise configured it);
    otherwise, then it's the identity you're logged in as, if both client and
    server are in the same domain
    3. What are the ACLs on the resource itself and the ISAPI DLL that handles
    .idq.

    All three must align to or else 401.3 can result.

    -- 
    //David
    This posting is provided "AS IS" with no warranties, and confers no rights.
    //
    "STL" <stl7@hotmail.com> wrote in message
    news:07c001c35739$da6bb4f0$a601280a@phx.gbl...
    I have just install URLSCAN in my win2k server.
    I have used the frontpage website search component in my
    website. This component uses the indexing service.
    When I tried to access the page
    http://testsvr/myweb/v4static/searchlt.idq
    I get this error msg:
    HTTP 401.3 - Access denied by ACL on resource
    Help please... I have tried removing URLSCAN and
    reinstalling my IIS and this error still exist!
    

  • Next message: David Wang [Msft]: "Re: URLScan on multiple servers"

    Relevant Pages

    • Re: IIS6 - Integrated Authentication Probs
      ... When you use Basic authentication, ... outlined in Chapter 5 of the IIS 6 Resource Kit: ... > b) - Despite the fact these credentials are being parsed, ... > Hence - this is a general problem with the way the web server is using my ...
      (microsoft.public.inetserver.iis.security)
    • Re: IIS6 - Integrated Authentication Probs
      ... So I cant go the whole way with constrained delegation, ... > what makes it more secure that Basic authentication. ... >> credentials to authenticate with the target resource. ...
      (microsoft.public.inetserver.iis.security)
    • Re: Kerberos machine authentication - apparent authentication fail
      ... I installed the Resource Kit. ... > mean that kerberos authentication is not being used. ... Three machines are workstations and three are ...
      (microsoft.public.windows.server.security)
    • Re: HTTP 401.3 error: Please help - Urgent.
      ... You are supposed to be using only Basic authentication, ... Can you try filemon from www.sysinternals.com and see what resource is ... generating access denied and for what user identity. ... in with whatever account that it uses to authenticate in. ...
      (microsoft.public.inetserver.iis)
    • Re: localhost vs. macinename in URL (access denied)
      ... Impersonation with Integrated Authentication will work if you are accessing ... a resource on the same machine. ... being delegated to allow delegation or change the computer account to allow ...
      (microsoft.public.dotnet.security)