| Author |
Web Site Access requires UserID and Password
|
|
| Clay Slape 2005-08-12, 2:54 am |
| I just setup a windows server 2003 installation and website.
Something has gone wrong with the security settings that I can't find.
Anyone who tries to enter the public website is asked to enter UserID and
Password.
Which of my security settings is making this happen? How do I reset them to
the default mode ?
| |
| Chris Crowe [MVP] 2005-08-12, 7:58 am |
| If you are being prompted to enter credential you may have a problem with
the directory security permissions, or maybe the web site permissions are
prompting a user to supply them.
Try the following at look at the headers at the start of the output.
Open a DOS Cmd Prompt (enter cmd.exe into the Start-Run dialog)
Type in the following (note there is a space between the 127.0.0.1 and the
80)
Telnet 127.0.0.1 80
then type in the following and hit enter (GET must be in uppercase)
GET /
You should see a list of details displayed, scroll up until you can see the
headers.
something like this
HTTP/1.1 200 OK
Date: Fri, 12 Aug 2005 08:53:04 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: UserGUID=398d51a6268b44578204fdbb078b004
1; expires=Mon,
12-Aug-2030
08:53:01 GMT; path=/
Set-Cookie: ASP.NET_SessionId=o4pot22qabsunqvbnrftruyc; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 11290
If you can please copy and paste them back to the newsgroup and we will try
to help.
--
Cheers
Chris
Chris Crowe [IIS MVP]
"Clay Slape" <Clay Slape@discussions.microsoft.com> wrote in message
news:F5BCDBCF-2CD0-42B6-A38A-792B332446D2@microsoft.com...
>I just setup a windows server 2003 installation and website.
>
> Something has gone wrong with the security settings that I can't find.
>
> Anyone who tries to enter the public website is asked to enter UserID and
> Password.
>
> Which of my security settings is making this happen? How do I reset them
> to
> the default mode ?
| |
| Fransg [MSFT] 2005-08-12, 7:58 am |
|
"Clay Slape" <Clay Slape@discussions.microsoft.com> wrote in message
news:F5BCDBCF-2CD0-42B6-A38A-792B332446D2@microsoft.com...
>I just setup a windows server 2003 installation and website.
>
> Something has gone wrong with the security settings that I can't find.
>
> Anyone who tries to enter the public website is asked to enter UserID and
> Password.
>
> Which of my security settings is making this happen? How do I reset them
> to
> the default mode ?
Do you have annonymous access enabled and all others disabled?
--
Frans Geurtsen
PSS Security
Microsoft
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| Clay Slape 2005-08-12, 7:58 am |
| I do indeed have Anonymous Access enabled and have nothing below it checked.
"Fransg [MSFT]" wrote:
>
> "Clay Slape" <Clay Slape@discussions.microsoft.com> wrote in message
> news:F5BCDBCF-2CD0-42B6-A38A-792B332446D2@microsoft.com...
>
> Do you have annonymous access enabled and all others disabled?
>
>
> --
> Frans Geurtsen
> PSS Security
> Microsoft
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
| |
| David Wang [Msft] 2005-08-13, 2:53 am |
| 1. Is this a clean install or upgrade
2. Is the machine in a domain or standalone.
If in a domain, check group policy to see if it is denying the IIS anonymous
user from logging on (hence anonymous access fails).
If upgrade, check that the anonymous user credential stored in IIS matches
the anonymous user credential of the local system or domain.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Clay Slape" <ClaySlape@discussions.microsoft.com> wrote in message
news:E766FBC2-A1A4-4390-BEE2-038EABF17437@microsoft.com...
I do indeed have Anonymous Access enabled and have nothing below it checked.
"Fransg [MSFT]" wrote:
>
> "Clay Slape" <Clay Slape@discussions.microsoft.com> wrote in message
> news:F5BCDBCF-2CD0-42B6-A38A-792B332446D2@microsoft.com...
and[vbcol=seagreen]
>
> Do you have annonymous access enabled and all others disabled?
>
>
> --
> Frans Geurtsen
> PSS Security
> Microsoft
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
>
| |
| Roopesh 2005-08-19, 2:56 am |
| It appears to be a permission issue on the server
To get an exact error message try changing the browser settings
Tools -> Internet Options -> Advanced -> uncheck "Show friendly HTTP Error
Messages"
Try browsing again and see if it give a different error.
You must ensure that the anonymous user account has access to your Web
site's resources. The default anonymous user account in IIS 6.0 is
IUSR_machinename. This account has access to all of the content stored in the
Inetpub\wwwroot directory. However, if you create a virtual directory that
points to other locations that do not give Read permissions to the
IUSR_machinename account by default (for example, content in your Documents
and Settings folder), anonymous access is denied. IIS does not change ACLs on
your file system when you enable anonymous access to content, so you must
synchronize access between the URL namespace and the file system namespace.
(IISFAQ)
Refer the article http://support.microsoft.com/kb/812614/ and Check if the
permissions are set accordingly.
Use "Filemon" tool to verify the NTFS access. you may download this tool
from http://www.sysinternals.com/Utilities/Filemon.html
Start capturing in Filesystem activity in filemon and browse the web page.
Stop capturing after getting the error in browser.
Save the log and analyze it. if you find any "access denied" status in the
log, give appropriate permission to he folders or files
Hope this help you..
Regards
Roopesh
"Clay Slape" wrote:
> I just setup a windows server 2003 installation and website.
>
> Something has gone wrong with the security settings that I can't find.
>
> Anyone who tries to enter the public website is asked to enter UserID and
> Password.
>
> Which of my security settings is making this happen? How do I reset them to
> the default mode ?
|
|
|
|