| Author |
integrated windows security requests user name and password...
|
|
| Rea Peleg 2004-10-19, 7:50 am |
| Hi all
I'm trying to set iis 6.0 on a w2k3 server.
My test site's security is anonimous access + integrated windows.
This site is very simple...just one html page.
I have also granted the iis anonimous user account, credentials on the
site's ntfs directory.
After this i am still being asked to enter windows user name and password..
If i skip this part or enter errouneous data i get the 'you arenot
authorized to view this page'
error..
My questions are:
1)Why am i asked at all to enter windows user details?? Isn't it suposed to
be transparent
when security is set to 'integrated windows'?
2)If i discard the windows authentication stage - should not i be recognized
as an anonimous user and still get its permissions?
Thanks alot for your attention
Rea
| |
| Miha Pihler 2004-10-19, 7:50 am |
| Hi Rea,
By default if Anonymous Access is enabled it is tried first not the other
way around. If Anonymous account does not have permissions to access the
site, then it will fall back to authentication option if one is selected.
Make sure that IUSR_<server-name> (or other anonymous account that you might
have created and assign it to IIS) must have NTFS permissions on the folder
where the web content is stored. If this user does not have e.g. read NTFS
permissions anonymous account will be denied access to the content (web
site). IIS will always honor the NTFS permissions.
For integrated authentication to work your site has to be in Local Intranet
zone. If it is not computer will not send your credentials to the server.
If user account used in Integrated Authentication (account with which you
are logged on) does not have NTFS permissions (e.g. read) on the folder
where the web content is again he/she will be denied access to the
website...
I hope this helps,
Mike
"Rea Peleg" <rea_p@afek.co.il> wrote in message
news:uZbkYfbtEHA.2984@TK2MSFTNGP10.phx.gbl...
> Hi all
> I'm trying to set iis 6.0 on a w2k3 server.
> My test site's security is anonimous access + integrated windows.
> This site is very simple...just one html page.
> I have also granted the iis anonimous user account, credentials on the
> site's ntfs directory.
> After this i am still being asked to enter windows user name and
password..
> If i skip this part or enter errouneous data i get the 'you arenot
> authorized to view this page'
> error..
> My questions are:
> 1)Why am i asked at all to enter windows user details?? Isn't it suposed
to
> be transparent
> when security is set to 'integrated windows'?
> 2)If i discard the windows authentication stage - should not i be
recognized
> as an anonimous user and still get its permissions?
>
> Thanks alot for your attention
> Rea
>
>
| |
| Rea Peleg 2004-10-19, 7:50 am |
| Exactly my point.
Did all that and still it does not work..
There must be something i am missing..
Thanks any way 
"Miha Pihler" <mihap-news@atlantis.si> wrote in message
news:uGKuDlbtEHA.2316@TK2MSFTNGP12.phx.gbl...
> Hi Rea,
>
> By default if Anonymous Access is enabled it is tried first not the other
> way around. If Anonymous account does not have permissions to access the
> site, then it will fall back to authentication option if one is selected.
>
> Make sure that IUSR_<server-name> (or other anonymous account that you
might
> have created and assign it to IIS) must have NTFS permissions on the
folder
> where the web content is stored. If this user does not have e.g. read NTFS
> permissions anonymous account will be denied access to the content (web
> site). IIS will always honor the NTFS permissions.
>
> For integrated authentication to work your site has to be in Local
Intranet
> zone. If it is not computer will not send your credentials to the server.
>
> If user account used in Integrated Authentication (account with which you
> are logged on) does not have NTFS permissions (e.g. read) on the folder
> where the web content is again he/she will be denied access to the
> website...
>
> I hope this helps,
>
> Mike
>
> "Rea Peleg" <rea_p@afek.co.il> wrote in message
> news:uZbkYfbtEHA.2984@TK2MSFTNGP10.phx.gbl...
> password..
> to
> recognized
>
>
| |
| Miha Pihler 2004-10-19, 7:50 am |
| Rea,
Is this anonymous account IUSR account or a custom (new) account? Make sure
that account is not disabled. Also check your event logs for any errors.
Mike
"Rea Peleg" <rea_p@afek.co.il> wrote in message
news:%23lQpAfctEHA.1272@TK2MSFTNGP12.phx.gbl...
> Exactly my point.
> Did all that and still it does not work..
> There must be something i am missing..
> Thanks any way
>
> "Miha Pihler" <mihap-news@atlantis.si> wrote in message
> news:uGKuDlbtEHA.2316@TK2MSFTNGP12.phx.gbl...
other[vbcol=seagreen]
selected.[vbcol=seagreen]
> might
> folder
NTFS[vbcol=seagreen]
> Intranet
server.[vbcol=seagreen]
you[vbcol=seagreen]
suposed[vbcol=seagreen]
>
>
| |
| Yogita Manghnani [MSFT] 2004-11-12, 5:50 pm |
| Hello,
Turn off Integrated windows authentication and check what error IE displays
(be sure to uncheck IE-> Tools-> Internet Options-> Advanced-> Show
friendly http error messages-> reopen the browser). This will tell you why
Anonymous access is failing.
Good luck,
Yogita Manghnani
Microsoft Developer Support
Internet Information Server
****************************************
*****************************[vbcol=seag
reen]
account name for newsgroup participation only.<<
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
© 2003 Microsoft Corporation. All rights reserved.
****************************************
*****************************
|
|
|
|