Re: IIS authentication - Update 2

From: Blake (blake_duffey_at_NOSPAM.hotmail.com)
Date: 02/26/04

• Next message: Tom Kaminski [MVP]: "Re: IIS authentication"
• Previous message: Blake: "Re: IIS authentication - UPDATE"
• In reply to: Blake: "IIS authentication"
• Next in thread: Tom Kaminski [MVP]: "Re: IIS authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 26 Feb 2004 10:09:46 -0500

Now the 'change password' seems to work:

The server was unable to logon the Windows NT account 'testbb' due to the
following error: The user's password must be changed before logging on the
first time.

I guess I should have waited longer when I disabled the IDs.

Blake

"Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message
news:ONbaQiH$DHA.2316@tk2msftngp13.phx.gbl...
> OK - I have IIS 5 on a member server. The files are set at the NTFS level
> to 'authenticated users' (RX) and the IIS folder is set to 'basic
> authentication' ONLY. I have SSL required for this folder. I am trying
to
> allow only valid AD users to visit this page:
>
> 1) can a user whose account is DISABLED view this page? I thought no, but
> today it seems to work
> 2) in the past an account that was marked 'user must change password at
next
> logon' could NOT access this page, but now that seems to work too
> 3) if an account has it's password expire, can that account visit my web
> page?
>
> Does anyone have any references on the connection between AD IDs and IIS
> authentication?
>
> Thanks, as always
> Blake
>
>

---

• Next message: Tom Kaminski [MVP]: "Re: IIS authentication"
• Previous message: Blake: "Re: IIS authentication - UPDATE"
• In reply to: Blake: "IIS authentication"
• Next in thread: Tom Kaminski [MVP]: "Re: IIS authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: AD Last User Logon Question ... authentication against an Exchange server to read ... > mode you are not replicating the attribute and thus the times on the DCs ... > the times that they were used by the user account to authenticate, ... Last logon is not a replicated attribute, ... (microsoft.public.windows.server.active_directory) Re: source of Failure Audits is Default Web Site ... that website stops these errors. ... I am guessing that the IUSR_SVR1 account ... running (so that IIS tries to logon for authentication using username/ ... (microsoft.public.inetserver.iis.security) Re: auditing question ... "Account logon" events are generated in the Security log of the machine ... performing the authentication, i.e. the one that has access to the ... (microsoft.public.windows.server.security) REPOST: Windows Integrated Security w/ ASP .NET on IIS5 Win 2k Works Inconsistently ... ASP .NET machine account: Read & Execute, List, Read, Write ... The authentication failures are also logged in the Security log of the ... Logon Failure: ... (microsoft.public.inetserver.iis.security) Re: Windows Integrated Authentication and Kerberos ... That will cause Kerberos Auth to fail. ... I'm having problems with setting up the Kerberos Authentication. ... The computer account for the member server has the "Trust this computer for delegation to any service " option enabled in Active Directory. ... Successful Network Logon: ... (microsoft.public.inetserver.iis.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)