Re: HTTP 401.3 error: Please help - Urgent.

From: RAM GANESAN (ramganesan_at_gmail.com)
Date: 09/20/04 

Date: 20 Sep 2004 14:41:01 -0700

A major update to the following post (please do read the full post
down below):

I came across this Microsoft KB article.....

http://support.microsoft.com/default.aspx?scid=kb;EN-US;832981

...and am strongly convinced that the security event log being full is
the reason why non-administrative users are not able to access the
websites. I (an administrator on the server) am not able to view or
clear the security even log. When I try to access the log it gives the
error:

Unable to complete the operation on "Security." A required privilege
is not held by the client.

Why is this happening? Is this really WHAT IS CAUSING AUTHENTICATION
PROBLEMS in my server? Please reply. Thanks.

ramganesan@gmail.com (RAM GANESAN) wrote in message news:<2dca7102.0409200554.61b22099@posting.google.com>...
> Hello,
>
> I have a site which uses Basic Authentication. The site authenticates
> only me and others who are among the 'Administrators' group in the
> server. All other users get the HTTP 401.3 Access denied by ACL on
> resource error!! No changes was made to the folder permissions
> recently and the only thing that happened before the site broke down
> was that several critical windows updates were pushed by our network
> admin and the webserver rebooted.
>
> I downloaded the AuthDiag tool and tried to use the Check
> Authentication task but it always gives me "URL entered is invalid"
> error!!! I enter the complete URL to that
> site..like...http://www.###.com/ab/cd/foldername/index.cfm
>
> I can access the URL from my browser as I am an administrator on the
> server. If I try to access the URL from a common user's browser...I
> get the login prompt and even if user enters the right login
> information it gives the 401.3 error. Since it is a https site and
> requires basic authentication, I guess the AuthDiag tool could not get
> in with whatever account that it uses to authenticate in.
>
> Does this have anything to do with the IUSR_Machinename account? I
> believe that pushing Microsoft updates alone cannot mess up anything
> in a server but is it possible that once the updates are installed and
> the server is rebooted, the ACLs and/or windows accounts (especially
> IUSR_) did not get set up properly?
>
> I tried to investigate further on the IUSR_Machinename account and
> this is what I found:
>
> I used the following VBS code to find out what the IUSR_machinename
> and IWAM_machinename account passwords were and I was surprised to see
> that the code returned a password for IWAM account BUT NOT the IUSR
> account!!! It was empty! Is this possible? Is this why I am having all
> these troubles?
>
> .VBS code:
> ________________________________________________________
> Dim IIsObject
>
> Set IIsObject = GetObject ("IIS://localhost/w3svc")
>
> WScript.Echo "UserName = " & IIsObject.Get("AnonymousUserName") &
> vbCrlf & _
> "UserPass = " & IIsObject.Get("AnonymousUserPass") & vbCrlf & vbCrlf
> &_
> "WAMUser = " & IIsObject.Get("WAMUserName") & vbCrlf & _
> "WAMPass = " & IIsObject.Get("WAMUserPass")
>
> Set IIsObject = Nothing
> _________________________________________________________
>
> Please....this is urgent. I appreciate all the help I can get.

Relevant Pages