Re: identify disabled users and bad bad passwords

From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 12/22/04


Date: Wed, 22 Dec 2004 12:07:55 +0800

My guess for why 401 only supports a file is that 401.x is related to an
access error, which is probably related to dynamic scripting, etc., hence IIS
only allows you to send back static file content that doesn't need to be
'interpreted' by all the ISAPI filters. inetinfo.exe will read the content
and send it back to clients.

-- 
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Scilabop" <scilabop@Xuvic.ca> wrote in message 
news:e2z9ww65EHA.1452@TK2MSFTNGP11.phx.gbl...
> Thank you, Bernard.
>
> I tried. The sc-win32-status codes for disabled account and bad
> username/password are all "5".
> But the security event log did give the specific failure reasons. I am now
> wondering how I can program with the system log.
>
> Here I have another question.
> I am supposed to be able to customize the HTTP error messages by mapping a
> file or URL. But HTTP 401 (-1, -2, -3, -4, -5) just offers the option of
> mapping to a file, but not a URL, while all other HTTP errors have the
> options of both file and URL. I found this problem when I was trying to
> redirect the HTTP 401.1 message to an ASP script. Has anyone else ever had
> such a problem?
>
> Thanks a lot.
>
> Ally
>
>
>
> "Bernard" <qbernard@hotmail.com.discuss> wrote in message
> news:OwDkQoy5EHA.3368@TK2MSFTNGP10.phx.gbl...
>> Well, 401.1 stands for login failed, hence it could be that the
>> username/password is wrong, or it could be that the account is disabled
>> or locked out. Not sure if the win32 status code field will give you more
>> detail, but you can try enabling it in the W3C extended IIS log format.
>>
>> As for the login prompt, it's actually a client browser control. IIS only
>> returns the authentication header and it's up to the client browser to
>> react.
>>
>> -- 
>> Regards,
>> Bernard Cheah
>> http://www.tryiis.com/
>> http://support.microsoft.com/
>> http://www.msmvps.com/bernard/
>>
>>
>>
>> "Scilabop" <scilabop@Xuvic.ca> wrote in message
>> news:%23pBcz6H5EHA.1404@TK2MSFTNGP11.phx.gbl...
>> > Hello,
>> >
>> > We are using IIS 5.0 and integrated Windows authentication to protect
>> > network resources.
>> > The system treats both disabled accounts and bad username and password
>> > pairs as an HTTP 401.1 error. My task is to distinguish these errors, and
>> > then take corresponding actions. But I have a problem retrieving the
>> > unauthorized username.
>> >
>> > I am really curious about what triggers those .htr files within
>> > /inetsrv/iisadmpwd. Is it the iisadminpwd.dll file that controls
>> > everything? If I could look into the source code for the little popup
>> > authentication window, my task would be easy to get done.
>> >
>> > Any help is appreciated.
>> >
>> > Ally
>> >
>> >
>> >
>> >
>>
>>
>
> 
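
An added example, not part of the original thread: a Python parser for W3C extended log text that pulls out the 401 entries and decodes sc-win32-status into its Win32 error name, marking which values name a single cause. The log lines are constructed, and the field list is an assumption about which extended properties are enabled on the server.

```python
from collections import Counter

# Win32 error names from winerror.h. Whether a server ever logs the specific
# ones is not assumed here; the thread above reports seeing only 5.
WIN32_NAMES = {
    5: "ERROR_ACCESS_DENIED",
    1326: "ERROR_LOGON_FAILURE",
    1331: "ERROR_ACCOUNT_DISABLED",
    1909: "ERROR_ACCOUNT_LOCKED_OUT",
}
SPECIFIC = {1326, 1331, 1909}  # codes that name a single cause

# Constructed sample log, not taken from the thread.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-username cs-uri-stem sc-status sc-win32-status
2004-12-21 18:00:01 192.0.2.10 - /secure/default.asp 401 5
2004-12-21 18:00:02 192.0.2.10 - /secure/default.asp 401 5
2004-12-21 18:00:05 192.0.2.11 EXAMPLE\\alice /secure/default.asp 200 0
2004-12-21 18:00:09 192.0.2.12 - /secure/report.asp 401 5
"""

def parse_w3c(text):
    """Yield one dict per entry, using the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def failed_logons(text):
    """Return the 401 entries with the Win32 status decoded."""
    out = []
    for e in parse_w3c(text):
        if e.get("sc-status") != "401":
            continue
        raw = e.get("sc-win32-status", "")
        code = int(raw) if raw.isdigit() else None
        out.append({"ip": e.get("c-ip"), "uri": e.get("cs-uri-stem"), "code": code,
                    "cause": WIN32_NAMES.get(code, "UNKNOWN"),
                    "ambiguous": code not in SPECIFIC})
    return out

def per_client(text):
    """Count failed logons per (client IP, decoded cause) for triage."""
    return Counter((f["ip"], f["cause"]) for f in failed_logons(text))
```

When every 401 entry decodes to the generic code 5, as in the sample, the IIS log alone cannot separate a disabled account from a bad password, and the specific reason has to come from the security event log mentioned in the thread.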

