Re: how to stop login credentials being passed automatically?
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Thu, 29 Jun 2006 19:11:51 -0700
I should have thought of this before.
Have him go to the User Accounts applet in control panel,
highlight his account and then access the link to manage
network passwords to see if there are cached credentials
stored there.
"geek-y-guy" <noone@xxxxxxxxxxx> wrote in message
news:O$mXtvTmGHA.1912@xxxxxxxxxxxxxxxxxxxxxxx
"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in message
news:udNsNK1lGHA.4712@xxxxxxxxxxxxxxxxxxxxxxx
Have them check in IE under Tools / Internet Option, on Security tab,
with appropriate zone highlighted (Intranet?) click on Custom and scroll
to the User Authentication section at the bottom. There they should have
selected Prompt for user name and password
It is also possible that the dev server is seen as being in Intranet zone
on the one person's PC but in Internet by the rest.
--
Roger Abell
Microsoft MVP (Windows Server : Security)
Thanks Roger. He says that:
"I went to all the "zones"
and required login for each. Then clear everything I can think of, open a
new window, type in ftp://thewebsite.com and I'm in."
BTW: He's not connect on the intranet. This is a server in a colo cabinet
and there's no locally connected users. The user in question is connecting
over a cable connection from his house to the colo facility 1000 miles
away.
Is there any chance a proxy server could be passing authentication creds
on his behalf? I wouldn't think that's possible but...
"geek-y-guy" <noone@xxxxxxxxxxx> wrote in message
news:u597GttlGHA.4076@xxxxxxxxxxxxxxxxxxxxxxx
Hi All:
I have a server running 2003 std. ed. with sp1. It's running web
services with a single website and ftpsite configured on it.
This is a development server, so neither the website nor the FTP site
allow anonymous access. The FTP site was set up without "user
isolation".
I have one developer working on this site, connecting to this server
remotely from an xp pro sp2 computer, who claims that they never get a
login prompt when they connect using Internet Explorer. A long time ago
they probably checked "remember password" when prompted for their login
credentials.
If I browse to the server in IE, either with http or ftp, I receive a
windows login prompt, as do other people who have tried to connect
without passing the credentials in the URL string (for ftp).
The developer claims that they've done everything they can in Internet
Options to remove the "remembered" login, including deleting their
cache, cookies, history and clearing the password cache in
"autocomplete". The only other software they use to interact with the
server Visual Studio Ent. Ed. ver. 6 (the old Visual Studio).
This is a problem because occasionally HTML mail gets sent from this
server with URLs referencing images on a public server...if the URLs
accidentally point to the development server, someone viewing the mail
in OE gets a login prompt when they try to view the mail. The problem
is, the developer never sees that happen (he just sees the email without
any errors).
Is there any place else that his login credentials would be stored on
his computer where they could be removed? Or is there some other
explanation to this phenomenon?
TIA!
.
- References:
- how to stop login credentials being passed automatically?
- From: geek-y-guy
- Re: how to stop login credentials being passed automatically?
- From: Roger Abell [MVP]
- Re: how to stop login credentials being passed automatically?
- From: geek-y-guy
- how to stop login credentials being passed automatically?
- Prev by Date: Re: WMI and Windows 2003 SP1
- Next by Date: Re: urgent please help ..microsoft event id +4199
- Previous by thread: Re: how to stop login credentials being passed automatically?
- Next by thread: Re: How to Stop Auditing Local Settings History Folder?
- Index(es):
Relevant Pages
|
