HTTP 401.3 Unauthorized due to access control list (ACL) on resource - Oddity (reproducable)
From: Robert Melton (rmelton_at_speakeasy.net)
Date: 06/10/04
- Next message: Bernard: "Re: FTP Hacked - Can't Delete Files as Admin"
- Previous message: Steven L Umbach: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- In reply to: Steven L Umbach: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- Next in thread: Clementius: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 10 Jun 2004 03:09:13 -0400
Platform: Windows XP / IIS 5.1
I am attempting to track down what causes the "HTTP 401.3 Unauthorized
due to access control list (ACL) on resource" on my IIS instance. The
behavior is as follows.
I have a virtual directory, called "T", that is linked to a real
directory in my path "C:\Test". In this file is "Hello.html" and
"Hello.asp" -- both files made simply for test purposes.
The virtual directory is setup to allow both anon login (via
"iusr_machinename") and windows authentication (default permission
configuration).
The real directory is setup with "iusr_machinename" having [full]
permissions (simply to make the testing more clear).
After I start the IIS process and I goto hit "http://mysite/T/" -- I get
a prompt asking me for a username and password (for windows
authentication). If I do not give a username and password, I can not
get to the site, anon access is not functional. Once I provide a
username and password, I can get to the site.
Here is were it gets "odd" -- once I have logged in using windows
authentication once, I can go to a separate machine and access that page
anonymously ( I used a separate machine just to ensure password was not
being cached or saved or anything like that ).
Essentially, once I log on using windows authentication, some process
"happens" that suddenly allows the anon account ("iusr_machinename") to
function, I have no idea what happens to cause this.
If there is an explanation for this behavior, or even better, some
way to change it, I'd love to know.
-- Robert Melton
- Next message: Bernard: "Re: FTP Hacked - Can't Delete Files as Admin"
- Previous message: Steven L Umbach: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- In reply to: Steven L Umbach: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- Next in thread: Clementius: "Re: File sharing between an AD Domain controller and a member server through a firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
