|
Home > Archive > IIS Server Security > August 2004 > IUSR_MACHINE and IWAM_MACHINE Web Service Problems
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IUSR_MACHINE and IWAM_MACHINE Web Service Problems
|
|
| Knight of the Eld 2004-08-03, 2:48 am |
| Is there any reason why sites with Anonymous Access would fail every day the next morning in IIS 5.0 Windows 2000 Server? The password for IUSR_MACHINE is being managed by IIS. It seems to work fine after I reselect the user again and the check the "Let
IIS Manage password" checkbox, Restart IIS. Then, the next day, same thing all over again. I have run the IIS Lockdown utility and set .ini file to allow .asp, .aspx, etc.
If our site hosts a web service that calls into a SQL Server database on another machine using a SQL Server 2000 User Account, how do I set up to ensure that this can be done through Anonymous User? In other words, I am just hosting the Web Services on m
y Web Server and a Partner's .aspx page calls into our Web Server to serve up our Customer data. The Data is on another server in our Organization, not the Web Server. The Partner's .aspx page doesn't feed us any type of credentials whatsoever. I am 99
% sure they have hardcoded a DSN into the .asmx code which is served up on our IIS 5.0 Server. The DSN uses SQL Server User not Windows Integrated Security. If you could refer me to a tool or an Article that will help fix this problem it would be much a
ppreciated.
| |
| Jeff Cochran 2004-08-03, 5:53 pm |
| On Mon, 2 Aug 2004 20:51:25 -0700, "Knight of the Eld" <Knight of the
Eld@discussions.microsoft.com> wrote:
>Is there any reason why sites with Anonymous Access would fail every day the next morning in IIS 5.0 Windows 2000 Server? The password for IUSR_MACHINE is being managed by IIS. It seems to work fine after I reselect the user again and the check the "Le
t IIS Manage password" checkbox, Restart IIS. Then, the next day, same thing all over again. I have run the IIS Lockdown utility and set .ini file to allow .asp, .aspx, etc.
Look at your event log for possible answers.
>If our site hosts a web service that calls into a SQL Server database on another machine using a SQL Server 2000 User Account, how do I set up to ensure that this can be done through Anonymous User? In other words, I am just hosting the Web Services on
my Web Server and a Partner's .aspx page calls into our Web Server to serve up our Customer data. The Data is on another server in our Organization, not the Web Server. The Partner's .aspx page doesn't feed us any type of credentials whatsoever. I am 9
9% sure they have hardcoded a DSN into the .asmx code which is served up on our IIS 5.0 Server. The DSN uses SQL Server User not Windows Integrated Security. If you could refer me to a tool or an Article that will help fix this problem it would be much
appreciated.
See:
HOWTO: IIS and SQL Server on Separate Machines with Trusted
Connection:
http://support.microsoft.com/defaul...b;en-us;q176379
Jeff
| |
| Knight of the Eld 2004-08-03, 5:53 pm |
| Below is the record from the IIS ODBC Log 8/2/2004. As you can kind of see, if you are familiar with these types of logs, the Status code was 200. There is nothing in the System Log to indicate any kind of error or any of the logs for that matter. That
is why this is confusing to me. The logs were the first place I looked. This is the exact time it failed. I replaced the IP Addresses with text and surrounded in parens.
(Firewall IP Address) 8/2/2004 10:07 W3SVC1 SRVBIZTALK01 (Web Server IP Address ) 4688 654 708 Status Code--> 200 0 POST /XXXXXXX/XXXXX.asmx
I am running this through our ISA Server and it has worked fine except for when it occasionally breaks. This morning, it didn't break, so I am really confused about this one.
"Jeff Cochran" wrote:
> On Mon, 2 Aug 2004 20:51:25 -0700, "Knight of the Eld" <Knight of the
> Eld@discussions.microsoft.com> wrote:
>
Let IIS Manage password" checkbox, Restart IIS. Then, the next day, same thing all over again. I have run the IIS Lockdown utility and set .ini file to allow .asp, .aspx, etc.[vbcol=seagreen]
>
> Look at your event log for possible answers.
>
n my Web Server and a Partner's .aspx page calls into our Web Server to serve up our Customer data. The Data is on another server in our Organization, not the Web Server. The Partner's .aspx page doesn't feed us any type of credentials whatsoever. I am
99% sure they have hardcoded a DSN into the .asmx code which is served up on our IIS 5.0 Server. The DSN uses SQL Server User not Windows Integrated Security. If you could refer me to a tool or an Article that will help fix this problem it would be muc
h appreciated.[vbcol=seagreen]
>
> See:
>
> HOWTO: IIS and SQL Server on Separate Machines with Trusted
> Connection:
> http://support.microsoft.com/defaul...b;en-us;q176379
>
> Jeff
>
|
|
|
|
|