Re: IIS 6 fails anonymous connection
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 05/14/04
- Next message: Aaron: "Password expiration notification"
- Previous message: David Wang [Msft]: "Re: IIS 6 Authentication Process for K-12 Schools"
- In reply to: JonathanL: "IIS 6 fails anonymous connection"
- Next in thread: JonathanL: "Re: IIS 6 fails anonymous connection"
- Reply: JonathanL: "Re: IIS 6 fails anonymous connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 14 May 2004 11:09:20 -0700
A newly built IIS6 server does not have the "system controlling the
password" option for the anonymous user account.
So, either you upgraded from IIS5 or are using sub-authentication (which is
the "system controlling the password" feature) but didn't configure it
correctly, or you're not using sub authentication, modified the anonymous
username/password, and didn't sync up the credentials correctly with the
local SAM.
In both cases, you have the anonymous user misconfigured, so Anonymous
access will all fail with 401.1 -- which is what you are seeing.
I suggest you configure the IUSR and password correctly at the W3SVC node
(I'm assuming you have one global IUSR account) and NOT use
sub-authentication, which requires additional setup and weakens your system
security by requiring LocalSystem privileges.
You can sync the IUSR account by manually changing the password in the "NT
User Manager" and use ADSUTIL to set the W3SVC/AnonymousUserPass and
W3SVC/AnonymousUserName properties (I'm assuming you have one global IUSR
account -- if not, you'll need to set it both globally and manually sync in
all other places).
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "JonathanL" <anonymous@discussions.microsoft.com> wrote in message news:74AADA90-BC95-42AF-96C7-D4D4E5A2809C@microsoft.com... I have a newly built Windows Server 2003, with IIS 6 installed. Server is a domain member server. I copied the content from an IIS 5 server which is a member of the same domain. IIS authentication for IIS 6 website is set to allow anonymous only using IUSR account with system controlling the password. NTFS for website folders is set to IUSR RO, Admins/System/Everyone FC. When I open the browser on the IIS 6 server (or any computer on the domain) and try to open the website, I get a 401.1 error. If I add IIS Integrated authentication, I can view it. The website is a public website (static content only though asp is enabled) so I don't want Integrated authentication used, only Anonymous. What am I missing here that I can't view the website when only Anonymous authentication is allowed?
- Next message: Aaron: "Password expiration notification"
- Previous message: David Wang [Msft]: "Re: IIS 6 Authentication Process for K-12 Schools"
- In reply to: JonathanL: "IIS 6 fails anonymous connection"
- Next in thread: JonathanL: "Re: IIS 6 fails anonymous connection"
- Reply: JonathanL: "Re: IIS 6 fails anonymous connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
