Re: identify disabled users and bad bad passwords
From: Scilabop (scilabop_at_Xuvic.ca)
Date: 12/21/04
- Next message: Jiri Richter [MSFT]: "Re: IUSR_* writepermissions dangerous?"
- Previous message: Craig Humphrey: "Re: How to? Certificate Server 1.0 root certificate renewal"
- In reply to: Bernard: "Re: identify disabled users and bad bad passwords"
- Next in thread: Bernard: "Re: identify disabled users and bad bad passwords"
- Reply: Bernard: "Re: identify disabled users and bad bad passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Dec 2004 14:26:51 -0800
Thank you, Bernard.
I tried. The sc-win32-status codes for disabled account and bad
username/passward are all "5".
But the security event log did give the specific failure reasons. I am now
wondering how I can program with the system log.
Here I got another question.
I suppose to be able to customize the HTTP error messages by mapping a file
or URL. But HTTP 401 (-1,-2,-3,-4, -5) just offer the option of mapping to a
file, but not URL, while all other HTTP errors have the options of both file
and URL. I found this problem when I was trying to redirect HTTP 401.1
message to an ASP script. Any one else ever had such problem?
Thanks a lot.
Ally
"Bernard" <qbernard@hotmail.com.discuss> wrote in message
news:OwDkQoy5EHA.3368@TK2MSFTNGP10.phx.gbl...
> Well, 401.1 stands for login failed, hence it could be username/password
> wrong, it could be account disabled and lockout. Not sure if the win32
> status code field will give you more detail, but you can try enable it in
> the w3c extended iis log format.
>
> as for the login prompt, it's actually client browse control. IIS only
> return authentication header and it's up to client browser to react.
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "Scilabop" <scilabop@Xuvic.ca> wrote in message
> news:%23pBcz6H5EHA.1404@TK2MSFTNGP11.phx.gbl...
> > Hello,
> >
> > We are using IIS5.0 and integrated windows authentication to protect
> > network
> > resource.
> > The system takes both disabled accounts and bad username and password
> > pairs
> > as HTTP401.1 error. My task is to distinguish these errors, and then
take
> > corresponding actions. But I have problem to retreive the unauthorized
> > username.
> >
> > I am really curious about what triggers those .htr files within
> > /inetsrv/iisadmpwd. Is that the iisadminpwd.dll file controls
everything?
> > If
> > I could look into the source code for the little popup authentication
> > window, my task would be easy to get done.
> >
> > Any helps are appreciated.
> >
> > Ally
> >
> >
> >
> >
>
>
- Next message: Jiri Richter [MSFT]: "Re: IUSR_* writepermissions dangerous?"
- Previous message: Craig Humphrey: "Re: How to? Certificate Server 1.0 root certificate renewal"
- In reply to: Bernard: "Re: identify disabled users and bad bad passwords"
- Next in thread: Bernard: "Re: identify disabled users and bad bad passwords"
- Reply: Bernard: "Re: identify disabled users and bad bad passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
