Will this prevent 'anonymous' IIS connections?

From: Jay Miller (anonymous_at_discussions.microsoft.com)
Date: 12/04/03

• Next message: Parts: "Logging user activity"
• Previous message: Curtis Clay III [MSFT]: "RE: Problem with processor interrupts."
• In reply to: Ohaya: "Will this prevent 'anonymous' IIS connections?"
• Next in thread: Steven L Umbach: "Re: Will this prevent 'anonymous' IIS connections?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 4 Dec 2003 10:13:41 -0800

You can tell IIS what account to use for anonymous
access. Go into the properties for the site and check the
security, and where you can check "anonymous access",
there's a tab there for "edit" where you can tell it what
account to use. Just make sure it's a legitimate account
w/ no more rights than it needs.

>-----Original Message-----
>Hi,
>
>We're running a machine with Win2K Advanced Server. It's
configured as
>a domain controller, and we also have IIS running on it.
The website we
>have running on IIS is configured to "Allow anonymous"
connections.
>
>I've been told that as part of the company's standard
security settings,
>they want us to configure the Guests account on this
machine to disable
>"Access this computer from network" and "Log on locally".
>
>I've been hesitant to do this because I am concerned that
it would
>prevent anonymous connections to IIS.
>
>
>Can someone confirm whether this will be the case or not?
>
>And, if it is not the case (i.e., if disabling those will
not prevent
>anonymous IIS connections), how do I go about disabling
them? When I
>look in Local Policies, the local policy is unchecked,
but the
>"Effective Policy Setting" box is grayed out and checked.
>
>Thanks in advance!
>.
>

---

• Next message: Parts: "Logging user activity"
• Previous message: Curtis Clay III [MSFT]: "RE: Problem with processor interrupts."
• In reply to: Ohaya: "Will this prevent 'anonymous' IIS connections?"
• Next in thread: Steven L Umbach: "Re: Will this prevent 'anonymous' IIS connections?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: DCOM calls fails - access denied ... That's exactly how I understood the ASP.NET security. ... But why does one configuration work but not the other? ... should get the token from IIS. ... If you set there a domain account, ... (microsoft.public.dotnet.framework.aspnet.security) Re: Cannot use usernameForCertificateSecurity with IIS application pool custom account ... other account does not. ... It seems to be a bug or problem in one of the CryptoAPI functions. ... In IIS 5.0/6.0 to process the PFX file I use the CryptoAPI function ... The security context token cannot be retrieved ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: XP network error ... The account is not authorized to log on from ... Disabling NIS may not be sufficient. ... When you disable Simple File Sharing, do you have a working Guest ... Security Policy. ... (microsoft.public.windowsxp.network_web) Re: DCOM calls fails - access denied ... IIS security. ... That means the worker ... If you set there a domain account, ... (microsoft.public.dotnet.framework.aspnet.security) Re: 401.1 Error w/ Anonymous Access ... > - I've set up a local account on the machine (Win2000 Professional, ... > - In the local machine's Local Security Policy I've allowed SiteUser to ... I am under the impression that if Anonymous Access is ... IIS will treat the request as if it is coming from the user ... (microsoft.public.inetserver.iis.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)