Re: IIS Security Problems
- From: Aaron <Aaron@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 18 Apr 2006 17:47:02 -0700
"Steven L Umbach" wrote:
Look in the security log to see if a failed logon shows and it make give aThanks steve,
reason why if auditing of logon events is enabled in Local Security Policy
which it is by default I believe. Also enable auditing of privilege use for
failure to see if such an event is recorded at the time of the failure
message that would indicate what user right the user lacks which can be
managed via Local Security Policy - local policies/user rights. Logon rights
for logon locally and access this computer from the network would be
possibilities. You could also configure the security option for accounts:
limit local account use of blank passwords to console logon only to be
disabled. --- Steve
SeNetworkLogonRight Access this computer from the network
SeInteractiveLogonRight Log on locally
SeBatchLogonRight Log on as a batch job
SeServiceLogonRight Log on as a service
SeDenyNetworkLogonRight Deny access this computer from the network
SeDenyInteractiveLogonRight Deny log on locally
SeDenyBatchLogonRight Deny log on as a batch job
SeDenyServiceLogonRight Deny log on as a service
"Aaron" <Aaron@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5E4A74FE-D982-4B72-B0A9-EF74826241FF@xxxxxxxxxxxxxxxx
Yeah... we all know XP networking can be fun sometimes... I have to Pro
machines one of which i couldn't access from the other... went through did
the advanced file sharing thing so i could set up permissions and all...
got
that figured out, however... in the process the web page i was hosting on
the
machine now gives this message when accessed: Logon failure: user account
restriction. Possible reasons are blank passwords not allowed, logon hour
restrictions, or a policy restriction has been enforced. on just a plain
simple white page... i've looked through EVERYTHING i could think of and
finnaly moved the site to my other computer. works fine on that one so i
began comparing security settings between the two and for the life of me i
cna't figure out why it's not working on the original server... I know
it's
some kind of securtiy policy setting somewhere but the question is where
the
hell is it???
I eventually did find it... i logged out and back in under the Admin
account (don't think this was really necessary but i found what i was looking
for in there...) messed around with the mmc a little, finnaly did a Search on
Local Security and found a link to open up the Local Security Settings MMC...
to do this through mmc itself, open a new console, click file - add/remove
snap in - add - Group Policy Object Editor then click add / finish / close -
select Local computer policy - Extensions Tab In the drop down box select
Security Settings and ok...
Now...
Computer Config
Windows Settings
Security Settings
Account Policy
Password policy
password must meet
complexity req. = Disabled
Note, i'm not concerend about security on this system... doing this may open
you up so be ware... but it will fix that problem...
.
- Follow-Ups:
- Re: IIS Security Problems
- From: Steven L Umbach
- Re: IIS Security Problems
- References:
- Re: IIS Security Problems
- From: Steven L Umbach
- Re: IIS Security Problems
- Prev by Date: Re: How to determine TCP/IP pack source IP spoofing?
- Next by Date: Re: How do I turn off TLS 1.0 with regedit??
- Previous by thread: Re: IIS Security Problems
- Next by thread: Re: IIS Security Problems
- Index(es):
Relevant Pages
|
