Re: UNC path authentication problem
From: EricTsai - 蔡宗翰 (erictsai_at_yam.com.asdfoup)
Date: 08/13/04
- Next message: Hans Olav Stjernholm: "Does Http.sys block all mobile device requests?"
- Previous message: Daniel Schade \(remove NOSPAM.PLEASE for answer\): "Re: X-Forwarded-For"
- In reply to: Bernard: "Re: UNC path authentication problem"
- Next in thread: Tom Kaminski [MVP]: "Re: UNC path authentication problem"
- Reply: Tom Kaminski [MVP]: "Re: UNC path authentication problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 Aug 2004 22:12:13 +0800
Bernard, thank you for explaning 500.16 error.
Pass-through authentication is not what I need.
I'm sure username and password I typed in virtual dir. setting is correct.
It does exist on remote file server.
I connect to the UNC share so many times to verify that.
I got 500.16 even though the it's correct.
In order to let it work,
I have to create an extra local account with the same name and password I
specified in virtual dir. setting.
(both are stand-alone server)
Now it works.
This is an undocumented action.
Is this normal or not?
(I haven't seen any document says I must create extra local account.)
Maybe there're some design problems in IIS.
"Bernard" <qbernard@hotmail.com.discuss> 撰寫於郵件新聞
:ud4thKSgEHA.2896@TK2MSFTNGP11.phx.gbl...
> If you don't specify user credential in the UNC path setting, then you
want
> pass-through authentication, which either use the authenticated users of
the
> app, either an authenticated user (in basic or other auth) or iusr for the
> case of anonymous access. since these identities doens't have valid
account
> in the remote resource, ACL checking will failed and you got - 500.16
> 500.16 每 UNC authorization credentials incorrect.
>
> so pass-through is good if you want to authenticated user to access remote
> resource, and the resource server able to authenticate that particular
user,
> if not the best is create a account in resource server, specify the user
> credential at the UNC path configuration.
>
> Opne IIS MMC, F1- look for UNC authentication.
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "EricTsai - 蔡宗翰" <erictsai@yam.com.asdfoup> wrote in message
> news:#LoZh9QgEHA.3548@TK2MSFTNGP09.phx.gbl...
> > I DO have an account with the user name and password I specified in
> virtual
> > directory setting on the resource box.
> > I DON'T have an account with the user name and password I specified in
> > virtual directory setting on the IIS box.
> > In this circumstance, the settings doesn't work!
> >
> > After I create the same account on the IIS computer,
> > it start working.
> >
> > This is my IIS log before I create the account on the IIS computer.
> > 04:58:51 GET /zwai - 140.113.91.245 500 16 1326
> > 04:59:18 GET /zwai - 140.113.91.245 500 16 1326
> > 04:59:18 GET /zwai - 140.113.91.245 500 16 1326
> >
> > "Bernard" <qbernard@hotmail.com.discuss> 撰寫於郵件新聞
> > :uAiPGSQgEHA.1972@TK2MSFTNGP09.phx.gbl...
> > > If it's within same domain auth, then local user is not needed, if
total
> > > standalone box, you will need a local account on the resource box.
Post
> > your
> > > iis log file here.
> > >
> > > --
> > > Regards,
> > > Bernard Cheah
> > > http://www.tryiis.com/
> > > http://support.microsoft.com/
> > > http://www.msmvps.com/bernard/
> > >
> > >
> > >
> > > "EricTsai - 蔡宗翰" <erictsai@yam.com.asdfoup> wrote in message
> > > news:#9HqlTPgEHA.1184@TK2MSFTNGP12.phx.gbl...
> > > > Ken, I agree with you.
> > > > As I learned from MCSE traning courses and online webpages,
> > > > the local user does not need to exist.
> > > > But in my experiment,
> > > > create a local user with the user name and password I specified in
IIS
> > can
> > > > solve the problem.
> > > > Have you done any setting like this successfully recently?
> > > > Another message titled "Win2k IIS5 FTP Server Error" by RG in this
> > > newsgroup
> > > > a week ago
> > > > seems to have the same problem as mine.
> > > >
> > > >
> > > > Here's the message. Nothing seems helpful.
> > > >
> > > > The page cannot be displayed
> > > > There is a problem with the page you are looking for, and it cannot
be
> > > > displayed.
> > >
> >
>
> --------------------------------------------------------------------------
> > > --
> > > > ----
> > > >
> > > > Please try the following:
> > > >
> > > > Contact the Web site administrator to inform them that this error
has
> > > > occured for this URL address.
> > > > HTTP Error 500 - Internal server error.
> > > > Internet Information Services (IIS)
> > > >
> > >
> >
>
> --------------------------------------------------------------------------
> > > --
> > > > ----
> > > >
> > > > Technical Information (for support personnel)
> > > >
> > > > Go to Microsoft Product Support Services and perform a title search
> for
> > > the
> > > > words HTTP and 500.
> > > > Open IIS Help, which is accessible in IIS Manager (inetmgr), and
> search
> > > for
> > > > topics titled Web Site Administration, and About Custom Error
> Messages.
> > > > In the IIS Software Development Kit (SDK) or at the MSDN Online
> Library,
> > > > search for topics titled Debugging ASP Scripts, Debugging
Components,
> > and
> > > > Debugging ISAPI Extensions and Filters.
> > > >
> > > >
> > > >
> > > > "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> 撰寫於郵件新聞
> > > > :#rn0U8NgEHA.140@TK2MSFTNGP12.phx.gbl...
> > > > > Hi,
> > > > >
> > > > > A local user does not need to exist. In internet explorer, please
> > > uncheck
> > > > > "Show Friendly HTTP Errors" in tools -> internet options ->
> advanced.
> > > > Reload
> > > > > the page, and post the error you now see.
> > > > >
> > > > > Cheers
> > > > > Ken
> > > > >
> > > > > "EricTsai - 蔡宗翰" <erictsai@yam.com.asdfoup> wrote in message
> > > > > news:OiRfqWIgEHA.384@TK2MSFTNGP10.phx.gbl...
> > > > > > Thank you Tom.
> > > > > >
> > > > > > I know that the username I specified in IIS Manager must exist
on
> > the
> > > > > > remote
> > > > > > server (server that shares the folder),
> > > > > > but I don't see any document says on local server (server
running
> > IIS)
> > > > > > there
> > > > > > must exist a user with the username and password I specified.
> > > > > > Maybe I misunderstand you answer, or you misread my statement.
> > > > > >
> > > > > > Can you show me the link of the document?
> > > > > > I've checked the following:
> > > > > >
> > > >
> > >
> >
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/remstorg.mspx
> > > > > > "Accessing the Remote File Server" Section
> > > > > >
> > > >
> > >
> >
>
http://www.microsoft.com/resources/documentation/iis/6/all/proddocs/en-us/sec_auth_uncauth.mspx
> > > > > >
> > > >
> > >
> >
>
http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_SCA_45.mspx
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> 撰寫於郵件新
聞
> > > > > > :cfg1o1$fht19@kcweb01.netnews.att.com...
> > > > > >> "EricTsai - 蔡宗翰" <erictsai@yam.com.asdfoup> wrote in message
> > > > > >> news:emd3X%23HgEHA.3292@TK2MSFTNGP10.phx.gbl...
> > > > > >> > A virtual directory is set to an UNC path and
> > > > > >> > I've specified the user and password IIS will used to connect
> to
> > > > remote
> > > > > >> > share.
> > > > > >> > But when I browse the virtual directory in IE,
> > > > > >> > I got 500 Internal Server Error.
> > > > > >> >
> > > > > >> > Afte some experiments I found that on the local computer
> running
> > > IIS
> > > > > >> > there MUST EXIST A LOCAL ACCOUNT with the same username and
> > > password,
> > > > > >> > or I'll get a 500 Internal Server Error.
> > > > > >> >
> > > > > >> > I've read about UNC authentication setting in IIS manual and
> > > several
> > > > > >> > web
> > > > > >> > pages on microsoft.com,
> > > > > >> > but there's NO document mentioned about this point.
> > > > > >> > All they say is the user must exist on the remote computer or
> > > > > >> > is a domain accountand and have correct password.
> > > > > >>
> > > > > >> Yes, that *IS* the documentation on this point - as user with
the
> > > same
> > > > > >> username and password must exists on the target server.
> > > > > >>
> > > > > >> --
> > > > > >> Tom Kaminski IIS MVP
> > > > > >>
http://www.microsoft.com/windowsserver2003/community/centers/iis/
> > > > > >> http://mvp.support.microsoft.com/
> > > > > >> http://www.iisfaq.com/
> > > > > >> http://www.iistoolshed.com/ - tools, scripts, and utilities for
> > > running
> > > > > > IIS
> > > > > >> http://www.tryiis.com
> > > > > >>
> > > > > >>
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Hans Olav Stjernholm: "Does Http.sys block all mobile device requests?"
- Previous message: Daniel Schade \(remove NOSPAM.PLEASE for answer\): "Re: X-Forwarded-For"
- In reply to: Bernard: "Re: UNC path authentication problem"
- Next in thread: Tom Kaminski [MVP]: "Re: UNC path authentication problem"
- Reply: Tom Kaminski [MVP]: "Re: UNC path authentication problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
