Re: IIS auth. problem with 2003 SP1

---

• From: "Ken Schaefer" <kenREMOVE@xxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 20 Apr 2006 22:03:40 +1000

---

Hi

Error 0xC000006D
# for hex 0xc000006d / decimal -1073741715 :
STATUS_LOGON_FAILURE ntstatus.h
# The attempted logon is invalid. This is either due to a bad
# username or authentication information.

Don't know if that helps at all.

Do you get the same errors in the event log when you use Basic AuthN?

Cheers
Ken


"Jan Nielsen" <janielsen@xxxxxxxxxxxxx> wrote in message
news:OzDS2wGZGHA.4920@xxxxxxxxxxxxxxxxxxxxxxx

On a 2003 stand alone server I'm running Citrix webinterface on top of the
IIS.

This web interface implements it's own authentication for regular users,
and as such IIS sees user sessions as anonymous. But a subdirectory of the
IIS allows for administration of the web interface, and because of that
I've set it to require integrated authentication. To access these
administration pages I usually specify the local administrator (pretty
much the only existing user on that box).

Recently I installed SP1 + all existing security patches, and I thought
that everything was working all right. Now some weeks later I've found out
that I'm not able to login to the IIS anymore to access these
administration web pages. It simply keeps asking for a user ID and
password and after 3 tries it states that I'm not authorized to view the
page, as if I had entered incorrect credentials.
However I can login to the console. Furthermore I've checked policies
(logon locally, access via network) and I've checked ACLs on the files and
folders I'm trying to access. Everything seems to be ok, but I still can't
login.

For each logon attempt the following message is written to the audit log:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: 20-04-2006
Time: 13:08:35
User: NT AUTHORITY\SYSTEM
Computer: DKTSCSG01
Description:
Logon Failure:
Reason: An error occurred during logon
User Name: administrator
Domain: DKTSCSG01
Logon Type: 3
Logon Process: ÐùX
`?

Authentication Package: NTLM
Workstation Name: DKTSCSG01
Status code: 0xC000006D
Substatus code: 0x0
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 193.x.x.x
Source Port: 11611

I'm not sure, but I'm suspecting the installation of SP1 has changed some
security setting preventing this IIS login.
Has anyone seen such a problem before or have an idea of what I could try
or check ?

I tried to enable basic authentication too, but it makes no difference.


Thanks in advance,
Jan Nielsen

.

---

• Follow-Ups:
  • Re: IIS auth. problem with 2003 SP1
    • From: Jan Nielsen

• References:
  • IIS auth. problem with 2003 SP1
    • From: Jan Nielsen

• Prev by Date: IIS auth. problem with 2003 SP1
• Next by Date: Re: IIS auth. problem with 2003 SP1
• Previous by thread: IIS auth. problem with 2003 SP1
• Next by thread: Re: IIS auth. problem with 2003 SP1
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Exchange, Event 537, and Access Denied, Oh my ... an error occurred during logon ... caller user name: - ... fails (which is what started me investigating this server in the first ... the authentication between the pda and iis occurs fine, ... (microsoft.public.windows.server.sbs) Exchange, Event 537, and Access Denied, Oh my ... an error occurred during logon ... caller user name: - ... fails (which is what started me investigating this server in the first ... the authentication between the pda and iis occurs fine, ... (microsoft.public.windows.server.sbs) Re: Exchange, Event 537, and Access Denied, Oh my ... There are a number of kb articles linked to the error there, allthough I don't see any exact matches other than the error code, indicating the that means "STATUS_LOGON_FAILURE", the attempted logon is invalid. ... (bad username or authentication) ... caller user name: - ... fails (which is what started me investigating this server in the first ... (microsoft.public.windows.server.sbs) Re: Kerberos machine authentication - apparent authentication fail ... > until logon), the wireless connection can kick off when it is ready. ... > was confirmed in the server event logs with IAS (i set that up as the radius ... > as an ordinary user kicks in and takes over from the machine authentication. ... > while the network sorts itself out and a double click on a network link of ... (microsoft.public.windows.server.security) Re: Kerberos machine authentication - apparent authentication fail ... as the case may be) which will delay authentication until ... I also have an Intel network adapter and WAP that does not have this> problem and even works well with 802.1X EAP-TLS for domain logon. ... In> most cases [ipsec a possible exception] kerberos authentication is not> needed to access domain resources as long as the client and server use a> common authentication method for lm/ntlm/ntlmv2. ... The main issue is to> NEVER include an ISP dns server in the preferred server list in the tcp/ip> properties or DHCP scope of any domain computer or any computer you want to> join to the domain in which case your computers may be trying to locate the> domain _srv records on the ISP dns server and fail. ... (microsoft.public.windows.server.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)