| Ken Schaefer 2004-06-20, 10:36 pm |
| When allowing "anonymous access", IIS still impersonates a user account (by
default IUSR_<machinename> ). It may be possible that IIS no longer has the
password for this account (subauthentication is disabled by default in IIS
6.0), so because IIS is unable to logon as IUSR_<machinename>, the user gets
prompted to supply alternate credentials. You should see errors in the
security event log (if you've enabled logon failure auditing).
Otherwise, the other possibility is that the IUSR_<machinename> account no
longer has permissions to the files in question, in which case the user is
also prompted to supply alternate credentials.
<plug type="shameless">
All this is covered in my IIS 6.0 Security book (from Syngress). You can
grab a sample chapter from my website: www.adopenstatic.com (there's a link
on the homepage). Authentication issues are covered in that chapter. It
might be useful in your case.
</plug>
Cheers
Ken
<jeremy.hoekstraNOSPAM@celeratec.com> wrote in message
news:1ea0301c456a9$fc9aed50$a301280a@phx
.gbl...
: We have a 1-server environment that we just upgraded to
: Windows 2003 Server from Windows 2000. It is a Domain
: Controller and is running Exchange 2003.
:
: When we upgraded IIS, it now prompts for a username and
: password. Anonymous Access is enabled for the website in
: question.
:
: Is there a resource to troubleshoot for this kind of
: security change? The only thing I can think of that might
: be happening is that the website is NOT in the
: inetpub/wwwroot directory - it is on another drive.
:
: I have already been to Microsoft's "All About
: Authentication" site and it was no help. Why are we
: receiving this prompt?
|