Re: Locked User Accounts On IIS 5.0

From: Scilabop (scilabop_at_Xuvic.ca)
Date: 12/22/04


Date: Wed, 22 Dec 2004 09:52:35 -0800

Having my own authentication check would involve other security issues. I
think I'd take advantage of the built-in IIS one.
I now have an idea in my mind. When an authentication fails, the HTTP 401
error triggers a script, which queries the security event log with a WMI
object, and identifies the failure reason with the EventCode, for
example, 531 for a disabled account.
I haven't figured out what the VBScript code would look like. The first
problem I encountered here is mapping the HTTP 401 error to a URL. What
Bernard replied on my posting on Dec. 17 seems to be right. I just can't do
the URL mapping. Annoying...

Ally

"Bernard" <qbernard@hotmail.com.discuss> wrote in message
news:eFIePy95EHA.3736@TK2MSFTNGP10.phx.gbl...
> Unless you are doing your own authentication check, and OS replied you with
> the correct status. AFAIK, you can't achieve this with built-in IIS
> authentication and log file status code.
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "Scilabop" <scilabop@Xuvic.ca> wrote in message
> news:eY8KD165EHA.1408@TK2MSFTNGP10.phx.gbl...
> > Hi Chad,
> >
> > I am working on this too. But I haven't got a clue. You might want to read
> > my posting of "identify disabled users and bad passwards" on Dec. 17. Hope
> > to share any information we get.
> >
> > Thanks.
> >
> > Ally
> >
> >
> > "wallywombat" <wallywombat@gmail.com> wrote in message
> > news:1103649832.016501.232700@c13g2000cwb.googlegroups.com...
> >> Is there a way I can customize an HTTP error message so that if the
> >> user's account is locked out that it displays a message stating that the
> >> account is locked out rather than the normal access denied message
> >> (401).
> >>
> >> Chad
> >>
> >
> >
>
>
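
The event-log lookup described in the message above, as an added example that is not code from the thread or from any poster: it queries the Security log through WMI's `Win32_NTLogEvent` class and maps the most recent logon-failure EventCode for one user to a reason. It assumes failure auditing of logon events is enabled, that the first insertion string of these events is the user name, and that the caller holds the right to read the Security log; the script name `logonfail.vbs` and the function names are hypothetical.

```vbscript
' Added example. Run with: cscript //nologo logonfail.vbs <username>
Option Explicit

' Logon-failure event IDs written to the Security log by Windows 2000 / Server 2003.
Function FailureReason(code)
    Select Case code
        Case 529: FailureReason = "unknown user name or bad password"
        Case 530: FailureReason = "logon outside permitted hours"
        Case 531: FailureReason = "account disabled"
        Case 532: FailureReason = "account expired"
        Case 533: FailureReason = "not allowed to log on at this computer"
        Case 534: FailureReason = "logon type not granted"
        Case 535: FailureReason = "password expired"
        Case 539: FailureReason = "account locked out"
        Case Else: FailureReason = "other logon failure"
    End Select
End Function

' Returns the EventCode of the newest logon failure for userName, or 0 if none.
' "Newest" is the highest RecordNumber; the whole log is scanned, so this is slow
' on a large Security log.
Function LastLogonFailure(userName)
    Dim svc, ev, strs, best
    best = -1
    LastLogonFailure = 0
    ' The (Security) privilege in the moniker is required to read the Security log.
    Set svc = GetObject("winmgmts:{impersonationLevel=impersonate,(Security)}!\\.\root\cimv2")
    For Each ev In svc.ExecQuery( _
        "SELECT EventCode, RecordNumber, InsertionStrings FROM Win32_NTLogEvent " & _
        "WHERE Logfile = 'Security' AND EventCode >= 529 AND EventCode <= 539")
        strs = ev.InsertionStrings
        If IsArray(strs) Then
            If UBound(strs) >= 0 Then
                ' Assumption: insertion string 0 holds the user name.
                If LCase(strs(0)) = LCase(userName) And ev.RecordNumber > best Then
                    best = ev.RecordNumber
                    LastLogonFailure = ev.EventCode
                End If
            End If
        End If
    Next
End Function

Dim code
If WScript.Arguments.Count <> 1 Then
    WScript.Echo "usage: cscript //nologo logonfail.vbs <username>"
    WScript.Quit 1
End If
code = LastLogonFailure(WScript.Arguments(0))
If code = 0 Then WScript.Echo "no logon failure recorded" Else WScript.Echo code & ": " & FailureReason(code)
```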
