|
Home > Archive > IIS Server Security > December 2004 > Authentication problem
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Authentication problem
|
|
| Jonny Bergdahl 2004-12-09, 6:19 pm |
| I have a web site set up for Basic authentication only, with a default
domain set up:
1. When a user tries to log on using his account name the server refuses
access.
2 When the user the user@domain format the server refuses access.
3 When the user uses the domain\user format the server grants access.
What is wrong here? The security log events looks like this:
--1-------------------------
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 2004-12-09
Time: 18:14:03
User: NT AUTHORITY\SYSTEM
Computer: AMBER
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: user
Domain: DOMAIN
Logon Type: 2
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: AMBER
----------------------------
--2-------------------------
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 2004-12-09
Time: 18:31:44
User: NT AUTHORITY\SYSTEM
Computer: AMBER
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: user@domain.com
Domain: DOMAIN
Logon Type: 2
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: AMBER
----------------------------
--3-------------------------
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 528
Date: 2004-12-09
Time: 18:44:06
User: DOMAIN\user
Computer: AMBER
Description:
Successful Logon:
User Name: user
Domain: DOMAIN
Logon ID: (0x0,0x44AA8103)
Logon Type: 2
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: AMBER
----------------------------
The successful logon differs in that it is not the NT AUTHORITY\SYSTEM that
manages the logon, but the user account itself.
How do I troubleshoot this problem?
Any advice is highly appreciated!
Regards;
Jonny Bergdahl
| |
| Jiri Richter [MSFT] 2004-12-13, 6:38 pm |
| Jonny,
I tried the setup you described on IIS6 and it appeared to be working fine.
What IIS version are you using?
Jiri Richter
Microsoft Corp.
"Jonny Bergdahl" <jonnybergdahl@newsgroups.nospam> wrote in message
news:Obywidh3EHA.1524@TK2MSFTNGP09.phx.gbl...
>I have a web site set up for Basic authentication only, with a default
>domain set up:
> 1. When a user tries to log on using his account name the server refuses
> access.
> 2 When the user the user@domain format the server refuses access.
> 3 When the user uses the domain\user format the server grants access.
>
> What is wrong here? The security log events looks like this:
>
> --1-------------------------
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 529
> Date: 2004-12-09
> Time: 18:14:03
> User: NT AUTHORITY\SYSTEM
> Computer: AMBER
> Description:
> Logon Failure:
> Reason: Unknown user name or bad password
> User Name: user
> Domain: DOMAIN
> Logon Type: 2
> Logon Process: IIS
> Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Workstation Name: AMBER
> ----------------------------
> --2-------------------------
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 529
> Date: 2004-12-09
> Time: 18:31:44
> User: NT AUTHORITY\SYSTEM
> Computer: AMBER
> Description:
> Logon Failure:
> Reason: Unknown user name or bad password
> User Name: user@domain.com
> Domain: DOMAIN
> Logon Type: 2
> Logon Process: IIS
> Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Workstation Name: AMBER
>
> ----------------------------
> --3-------------------------
> Event Type: Success Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 528
> Date: 2004-12-09
> Time: 18:44:06
> User: DOMAIN\user
> Computer: AMBER
> Description:
> Successful Logon:
> User Name: user
> Domain: DOMAIN
> Logon ID: (0x0,0x44AA8103)
> Logon Type: 2
> Logon Process: IIS
> Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Workstation Name: AMBER
>
> ----------------------------
>
> The successful logon differs in that it is not the NT AUTHORITY\SYSTEM
> that manages the logon, but the user account itself.
>
> How do I troubleshoot this problem?
>
> Any advice is highly appreciated!
>
> Regards;
> Jonny Bergdahl
>
| |
| Jonny Bergdahl 2004-12-16, 7:39 pm |
| > I tried the setup you described on IIS6 and it appeared to be working
> fine. What IIS version are you using?
I am running IIS 5.0 on Windows 2000 Server configured as a member server of
the domain.
Regards;
/jb
| |
| Jiri Richter [MSFT] 2004-12-16, 7:39 pm |
| Jonny,
I've had the same result with IIS 5.0. I susspect that the
DefaultLogonDomain property is not set properly on your machine. You can
find out more about this property here
http://www.microsoft.com/windows200...p/apro3hym.htm.
In your case its value should be set to the name of the domain. You can do
that in the IIS administration UI by entering domain name in the Basic
Authentication Domain dialog.
--
Jiri Richter
Microsoft Corp.
This posting is provided "AS IS" with no warranties, and confers no rights.
"Jonny Bergdahl" <jonnybergdahl@newsgroups.nospam> wrote in message
news:O248Ys54EHA.3336@TK2MSFTNGP11.phx.gbl...
>
> I am running IIS 5.0 on Windows 2000 Server configured as a member server
> of the domain.
>
> Regards;
> /jb
>
|
|
|
|
|