Re: Annonymous account using domain account

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Kelmen Wong (kelmen_at_hotmail.com)
Date: 11/17/04 

Date: 17 Nov 2004 01:32:09 -0800

Well, after opened a case with M$, we can try using a vbscript to grab
the "good" password from 1st site.

How To Set Up Duplicate Anonymous Accounts on Separate Servers
http://support.microsoft.com/default.aspx?scid=kb;en-us;184566

But due to some internal reason, we are not going to execute this,
although we tested this out fine.

kelmen@hotmail.com (Kelmen Wong) wrote in message news:<843f541b.0411100158.7a8725a9@posting.google.com>...
> Greeting,
>
> We have an IIS 5 web app in dev, 2 sites, both also using secured
> (SSL). They refering to same physical folder. 2nd site certificate is
> bit special, required smartcard.
>
> Both web app (sites) settings are identically same, except the 1st
> is using "Script & Executable" permission while 2nd only "Script".
> Some of the folders are using a domain account as anonymous access. So
> far (in past) so good, they behaved as expected.
>
> This web server is belong to a domain, with partial communication
> allowed to the domain controller (blocked by firewall or closed,
> whatever). There are the "unable to locate DMC" of NetLogon in the
> event log once awhile, no big deal.
>
> However nowaday, the 2nd site giving "Access is Denied" error from
> those anonymous access using domain account. Below are the findings:
> - HTTP 401.5 in IIS log
> - W2SVC logged bad username or password of that particular account.
> - BUT 1st site with the same setting (except the special cert) behaved
> no problem!
>
> The 2nd site been deployed a renewed cert, that's the changes we
> awared.
> And the worst is nobody know the password for that domain account
> anymore.
>
> We tried "Allow IIS to control password", same result.
>
> We don't want to reset pwd, it will break many things.
>
> Anyone familiar with such problem? Any idea or suggestion to resolve
> it?

Relevant Pages

  • Re: IIS 6 CreateObject premissions issue
    ... >> tier system so I am confident that running on Windows 2000 what I am ... >> What I am attempting is to add a Windows 2003 server box to function as ... However if it is set for anonymous access using the ... >> end boxes to specifically allow the Domain account I attempted to use as ...
    (microsoft.public.inetserver.iis.security)
  • RE: IUSER in MSCS
    ... Yes it is recommended that you use a Domain account for anonymous access on ... Restart IIS by running IISreset ... This posting is provided "AS IS" with no warranties, and confers no rights. ...
    (microsoft.public.inetserver.iis.security)
  • Re: AD Login failure when using ActiveDirectoryMembershipProvider
    ... Anonymous access account is my domain account (for testing purposes it's ... supply the connectionUsername and connectionPassword it will use the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Annonymous account using domain account
    ... Well, after opened a case with M$, we can try using a vbscript to grab ... How To Set Up Duplicate Anonymous Accounts on Separate Servers ... > Some of the folders are using a domain account as anonymous access. ...
    (microsoft.public.inetserver.iis.security)
  • Permissions
    ... FileSystemObject within ASP to create and delete folders ... on a different server. ... Using Anonymous Access with a nominated domain account, ...
    (microsoft.public.inetserver.iis.security)