Re: IIS5 not impersonating Basic Auth'd user on one server

From: Ken Schaefer (
Date: 08/10/04

Date: Tue, 10 Aug 2004 22:01:58 +1000


What exactly is the problem?

I assume you have a user that is hitting the ASP page on your IIS server
(serverA). The ASP page requires Basic Authentication. The ASP page, in
turn, attempts to access an Exchange box (serverB) using WebDAV? Am I
reading this correctly? And the 401 response is on the IIS box? 401 is
Access Denied (for whatever reason) - the user may need to provide
credentials, or there's some other issue.


"Lee Derbyshire" <> wrote in message
> Hi All,
> I originally posted this to the WinHTTP NG, but was advised that it would
> be
> better sent here because it seemed likely that IIS5 (on one server only)
> was
> not impersonating the logged-on user, and this would be the place to ask
> if
> there were any IIS settings that I could check.
> Anyway, here is my original post. Any ideas?
> ...
> I have some classical ASP Microsoft.WinHTTPRequest.5.1 code that uses
> SetAutoLogonPolicy(0) (i.e. always). On nearly all servers it works fine,
> but at one site it fails on one server (although it works on another in
> the
> same AD Domain).
> The code runs under Basic Auth, and can display the "AUTH_USER" and
> "AUTH_PASSWORD" okay. However, when I look at the IIS logs on the same
> server, I do not see the credentials in the requests, just a '-',
> indicating
> no creds, and a 401 response.
> The code is, like I say, protected by Basic Auth, and the requests are DAV
> requests sent to an Exchange VDir protected by Integrated and Basic Auth
> on
> the same server.
> The code normally works fine on other servers, just not on this one
> server.
> Any ideas what I should start looking at?
> Thanks,
> Lee.