Re: Access requires password

From: Brian (bldoss01_at_acm.org)
Date: 12/22/03

• Next message: Ken Widmaier: "Re: IIS authentication across domains"
• Previous message: Jeff Cochran: "Re: IIS security alert - new attack?"
• In reply to: Bernard: "Re: Access requires password"
• Next in thread: Bernard: "Re: Access requires password"
• Reply: Bernard: "Re: Access requires password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 22 Dec 2003 10:44:04 -0800

Yes, IUSR_Coputername has guest access -- read, read &
execute, write access to the Inetpub/wwwroot folder.

How does one make sure that an account isn't locked
(IUSR_computername)? The system keeps asking for id and
password and none of the id passwords work -- including
the admin id.

Brian

>-----Original Message-----
>401.3 - Unauthorized due to ACL on resource.
>
>Check if related user has NTFS permission to access the
files/folders.
>
>--
>Regards,
>Bernard Cheah
>http://support.microsoft.com/
>Please respond to newsgroups only ...
>
>
>
>"Brian" <bldoss01@acm.org> ????
>news:01b701c3c810$468cf260$a101280a@phx.gbl...
>> I made a mistake. The logs show 401 3 5 (not 403) for
>> each attempt to access the site.
>>
>> How does one check to make sure the IUSR account is not
>> locket out?
>>
>> In teh process of trying to get the site accessable
over
>> the past few days, I have changed many setting all
over.
>> In the process, i now cannot access my event viewer for
>> system and applications. Is there a way to reset all
>> settings to the original?
>>
>> Thanks.
>> >-----Original Message-----
>> >Hi Brian,
>> >
>> > The 403.3 indicates that you have not allowed write
>> access to your
>> >directory and the 403.5 tells us that someone is
trying
>> to access your site
>> >wih a client certificate that isn't using 128bit
>> encryption.
>> >403.3 - Write access forbidden.
>> >403.5 - SSL 128 required.
>> > If you are trying to use annonymous authentication
>> make sure your IUSR
>> >account isn't locked out, and that your passwords are
>> synced.
>> >
>> >
>> >Best regards,
>> >Jason M. Murray [MSFT]
>> >This posting is provided "AS IS" with no warranties,
and
>> confers no rights.
>> >Use of included script samples are subject to the
terms
>> specified at
>> >http://www.microsoft.com/info/cpyright.htm.
>> >
>> >
>> >--------------------
>> >| Content-Class: urn:content-classes:message
>> >| From: "Brian" <bldoss01@acm.org>
>> >| Sender: "Brian" <bldoss01@acm.org>
>> >| Subject: Access requires password
>> >| Date: Sat, 20 Dec 2003 09:39:45 -0800
>> >| Lines: 18
>> >| Message-ID: <014101c3c720$4208cde0$a101280a@phx.gbl>
>> >| MIME-Version: 1.0
>> >| Content-Type: text/plain;
>> >| charset="iso-8859-1"
>> >| Content-Transfer-Encoding: 7bit
>> >| X-Newsreader: Microsoft CDO for Windows 2000
>> >| Thread-Index: AcPHIEII16A4k/5bR8uSW68zJmD1Fg==
>> >| X-MimeOLE: Produced By Microsoft MimeOLE
>> V5.50.4910.0300
>> >| Newsgroups: microsoft.public.inetserver.iis.security
>> >| Path: cpmsftngxa07.phx.gbl
>> >| Xref: cpmsftngxa07.phx.gbl
>> microsoft.public.inetserver.iis.security:8047
>> >| NNTP-Posting-Host: tk2msftngxa09.phx.gbl 10.40.1.161
>> >| X-Tomcat-NG:
microsoft.public.inetserver.iis.security
>> >|
>> >| My IIS 6 on Server 2003 worked fine for a month.
Then,
>> >| all of a sudden, it began prompting for a user ID
and
>> >| password and no id password combinations worked,
>> >| including the admin.
>> >|
>> >| The system had not been touched for 3 days prior to
>> this
>> >| beginnning to happen. The logs show a 403.3 and
403.5
>> >| errors when trying to access the site.
>> >|
>> >| I have checked NT settings and all the settings on
IIS
>> >| necessary to get it going, to no avail. In the
>> process, I
>> >| changed teh password on IUSR_computername on NT and
>> the
>> >| IIM manager.
>> >|
>> >| Any sugestions would be appreciated. Norton has not
>> >| detented any virus on this machine.
>> >|
>> >| Thanks.
>> >|
>> >
>> >.
>> >
>
>
>.
>

• Next message: Ken Widmaier: "Re: IIS authentication across domains"
• Previous message: Jeff Cochran: "Re: IIS security alert - new attack?"
• In reply to: Bernard: "Re: Access requires password"
• Next in thread: Bernard: "Re: Access requires password"
• Reply: Bernard: "Re: Access requires password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Access requires password ... write access to the Inetpub/wwwroot folder. ... How does one make sure that an account isn't locked ... password and none of the id passwords work -- including ... >> How does one check to make sure the IUSR account is not ... (microsoft.public.inetserver.iis.security) Re: asp/xml security problem in IIS ... I suppose you could enable auditing on the web server and/or database ... IWAM_computername account is being used instead of IUSR. ... it could be that the password for the IUSR account [or whichever account ... (microsoft.public.inetserver.iis.security) Re: ODBC vs OLEDB - Is there a real differnece? ... account if the SQL Server is on another machine on the network ... ... :> a) To get to ODBC you now need to go through an OLEDB Provider (the ... :>> not do this and just use the IUSR account through the ODBC driver. ... (microsoft.public.inetserver.asp.db) Re: asp/xml security problem in IIS ... Use a domain account as anonymous user (the IUSR account is completely ... > is used to access the database] has changed either on the web server ... (microsoft.public.inetserver.iis.security) Re: Anonymous Account not working ... Microsoft MVP (Windows Server: Security) ... I recently built a new webserver to replace an existing server. ... I replaced the broken SID of the old IUSR account on all of the ... (microsoft.public.inetserver.iis.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint