Re: Problems with authenticated users accessing asp's

From: ] (dlaflotte_at_criticalsites.com)
Date: 05/25/05 

Date: Wed, 25 May 2005 10:20:17 -0400

Gavin,
    The next thing I might check would be the NTFS permissions to the
directory that houses the asp pages. Make sure that the domain users group
(or whichever group your users are apart of) has access to that directory.
Anonymous access uses very special credentials that may have rights on that
directory (as do administrators) by default so that may be why admins work
and anonymous works. But when you use the users context then you run into
issues.

Hope this helps. If not just post and we'll see what we can do :) 

-- 
Duane Laflotte
MCSE, MCSD, MCDBA, MCSA, MCT, MCP+I
dlaflotte@criticalsites.com
http://www.criticalsites.com/dlaflotte
"Gavin" <gavin@dont.spam.me.com> wrote in message
news:79605EC8-5B01-42BC-83FC-ECEB63CBCF48@microsoft.com...
>
> I have IIS serving static content and asp's from IIS6 on Win2003 Server.
The
> site uses Integrated Security with the server on a 2003 server domain.
> Clients are on a different domain and enter login information in the
browser
> pop-up.
> The behaviour I get is as follows ..
>
> - All domain users can access html files.
> - A user I've added to the Administrators group on the web server can use
> the site without trouble - all other users are given a 500 response to
> attempts to access asp's and in the log file I get a permission denied
error.
>
> 2005-05-25 09:56:56 W3SVC25858248 xxx.xxx.19.25 GET /Default.asp
> |34|800a0046|Permission_denied 2002 telem\holland xxx.xxx.244.109 HTTP/1.1
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) xxx.xxx.19.25:2002
> 500 0 0 409
>
> - If I drop the site back to anonymous login all works fine.
>
> There is obviously a simple setting I'm missing, and am hopping someone
will
> be able to point me at it.
> I've tried adding 'telem\Domain Users' (where telem is the webserver's
> domain)to a number of the local security settings (including 'Access this
> computer from the network'). Is there a definitive list of which are
required
> - I've added 'telem\Domain Users' to all entries that have
'IUSR_servername'
> and even 'IIS_WPG' out of desperation. Any other thoughts?
>
> Regards
> Gavin
>

Relevant Pages

  • Re: Least amount of privileges
    ... It depends on what the domain users group has for permissions. ... Does this third party program have a service account that runs the app for ... moving this app off of your sql server and put it on a seperate server. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Access rights issue with Sharepoint - newbie question
    ... as the WSS server isn't running activedirectory. ... That I took the domain users out of the domain admins group on the WSS ... one that would be making all the site-changes to the SharePoint app as ... Administrators Group) - I believe it may be because the users are not ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Granting Access to intranet on IIS 5
    ... One way is to use NTFS permissions on IIS server. ... domain users are Authenticated Users. ... > I have looked at setting up user accounts and roles within the server ...
    (microsoft.public.inetserver.iis.security)
  • Re: question about Restricting access
    ... removed the user in question from domain users and added him to ... on his own folders on the server, ... on other folders, I removed "everyone", if it existed and repleaced ... >> configure your NTFS permissions. ...
    (microsoft.public.win2000.general)
  • Re: Access rights issue with Sharepoint - newbie question
    ... as the WSS server isn't running activedirectory. ... That I took the domain users out of the domain admins group on the WSS ... one that would be making all the site-changes to the SharePoint app as ... Administrators Group) - I believe it may be because the users are not ...
    (microsoft.public.sharepoint.windowsservices)