Re: IIS Anonymous Access Issue

From: Egbert Nierop \(MVP for IIS\) (egbert_nierop_at_nospam.invalid)
Date: 06/29/04 

Date: Tue, 29 Jun 2004 12:39:59 +0200

Hi!

install and Run FileMon and TokenMon from www.sysinternals.com and you can
see what is denied, exactly. Possibly, by a policy (it's hard to tell!) some
accounts might have been restricted or disabled. 

-- 
compatible web farm Session replacement for Asp and Asp.Net
http://www.nieropwebconsult.nl/asp_session_manager.htm
"Jordan Hotzel" <JordanHotzel@discussions.microsoft.com> wrote in message
news:877821AE-24DA-44D0-BACA-517FDDA40FA2@microsoft.com...
> IIS will not, under any security configuration allow anonymous website
access.
>
> The network is a home-based WLAN. A cable modem hooks into my cable ISP.
My wireless router connects to the modem and to my PC.
>
> The PC is Windows XP Pro with IIS 5.1
>
> Security for IIS: Anonymous access is enabled under the IUSR_SEAWOLF
username and the NTFS permissions are granted as FC - Full Control, both on
the IUSR_ and IWAM_ user accounts. Rights are passed down to all subfolders.
IIS is allowed to manage the passwords.
>
> Also, IWA is enabled. Without IWA enabled the server gives a standard 403
error, however when I do use both anonymous and IWA then I get a logon
prompt!
>
> So, I can't get to the site no matter how it is configured. I configured
no security, controled security, and Integrated Windows Authentication and
in combinations thereof with the same result - users are REQUIRED to login.
>
> They CAN access the server - just not ANY content on the server without
logging in. I do not want this, I want to allow everyone on the Internet to
browse the site.

Relevant Pages

  • Re: Please help refresh my memory on AD DC
    ... use only domain user accounts. ... "Meinolf Weber" wrote: ... Remote server ... Also that one for IIS. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Integrated security - why not?
    ... Let me explain why we seldom use Integrated Security for Internet asp.net ... how could we setup accounts for them? ... !server to the public network with services such as SQL Server (remember SQL ... The DC at the ISP is not for our own use. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Integrated security - why not?
    ... The DC at the ISP is not for our own use. ... very much wanted to go down the fully integrated security route. ... > FSMO roles on disjoined server), but I would advise against that. ... > and create local accounts and then recreate all security. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: CGI apps break after DCPROMO an IIS6 server
    ... This is one of those things different on a DC vs a member server in regards ... The "built in" accounts have the minimum and necessary privileges to run ... >privileges listed in F1-help of IIS Manager UI required ...
    (microsoft.public.inetserver.iis.security)
  • Re: Integrated security - why not?
    ... FSMO roles on disjoined server), but I would advise against that. ... and create local accounts and then recreate all security. ... server behind a firewall at your ISP and just publish HTTPS service. ...
    (microsoft.public.dotnet.framework.aspnet.security)
Loading