|
Home > Archive > IIS Server Security > December 2005 > IIS 6.0 Intranet Environment - Users Can't Upload Items
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS 6.0 Intranet Environment - Users Can't Upload Items
|
|
| Peggy DaValt 2005-12-06, 6:02 pm |
| Good morning -
I am researching an issue that has become a problem on an Intranet that I
have worked on.
Here is the background information -
IIS 6.0 running on a Windows 2003 Server in a ASP.NET environment
Local users log in using their login ID that is attached to a Win2000
Server/XP environment.
What is happening is that even though all security has been opened up to
EVERYONE, no one (except me and the developer) are able to upload documents
to the Intranet using the authoring tool we created.
When a user gets an error message it refers back to the
c:\inetpub\wwwroot\.... location and saing that the upload has failed.
Other issues that I'm seeing in the event log are:
529 error - Logon/Logoff Unknown user name or bad password
680 error - Account Logon - Microsoft_Authentication_Package_V1_0 (via
administrator) failed. Error code 0xC000006A.
537 error - Logon/Logoff
Authentication package says Kerberos
Error: An error occurred during logon.
My question is....how to I remedy this? I need to be able to have Intranet
authors upload their own information and not me.
Also, could it be an issue with any hotfixes that have been applied?
This worked earlier this year (like March/April 2005) then all of a sudden
quit working.
I'd appreciate any comments that you could provide.
Many thanks!!
Cordially,
Peggy DaValt
IS Comprehensive Senior
Department of Regulation & Licensing - State of WI
Peggy.DaValt@drl.state.wi.us
| |
| David Wang [Msft] 2005-12-07, 3:50 am |
| Are the users using their own, real Windows user accounts or some custom
username/password system?
What authentication protocol is enabled in IIS?
What authentication protocol is ultimately negotiated by the browser?
What authentication/impersonation setting is configured in ASP.Net?
Any custom ISAPI Filter/Extension running on the server
All these things (and more) can affect the actual Windows user account
executing code... which ultimately affect whether your code is able to write
to the file system and hence ability to "upload documents".
If you are using all real Windows users and you say it works for you and the
developer but not anyone else, then I suspect that your application is
somehow writing the files to a location that only "Administrators" can write
to but not anyone else.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Peggy DaValt" <PeggyDaValt@discussions.microsoft.com> wrote in message
news:3FB2D60E-AE29-4CCB-A85D-98F02D7B79FC@microsoft.com...
Good morning -
I am researching an issue that has become a problem on an Intranet that I
have worked on.
Here is the background information -
IIS 6.0 running on a Windows 2003 Server in a ASP.NET environment
Local users log in using their login ID that is attached to a Win2000
Server/XP environment.
What is happening is that even though all security has been opened up to
EVERYONE, no one (except me and the developer) are able to upload documents
to the Intranet using the authoring tool we created.
When a user gets an error message it refers back to the
c:\inetpub\wwwroot\.... location and saing that the upload has failed.
Other issues that I'm seeing in the event log are:
529 error - Logon/Logoff Unknown user name or bad password
680 error - Account Logon - Microsoft_Authentication_Package_V1_0 (via
administrator) failed. Error code 0xC000006A.
537 error - Logon/Logoff
Authentication package says Kerberos
Error: An error occurred during logon.
My question is....how to I remedy this? I need to be able to have Intranet
authors upload their own information and not me.
Also, could it be an issue with any hotfixes that have been applied?
This worked earlier this year (like March/April 2005) then all of a sudden
quit working.
I'd appreciate any comments that you could provide.
Many thanks!!
Cordially,
Peggy DaValt
IS Comprehensive Senior
Department of Regulation & Licensing - State of WI
Peggy.DaValt@drl.state.wi.us
|
|
|
|
|