Re: Cached Logon

From: Roland Hall (nobody_at_nowhere)
Date: 12/22/04


Date: Tue, 21 Dec 2004 21:53:29 -0600


"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:%23fCBKGh5EHA.2592@TK2MSFTNGP09.phx.gbl...
: Why did you reference domain1 and domain2 ?
: > domain1\administrator - domain2\administrator both have the same
password.
: What is their relationship to this?
: It appears that the IIS and the SQL are installed on one machine ?
: Is the XP used to access the asp pages allowed to provide "behind
: the scenes" windows authentication information?
: You are saying that the connection string used for ado is
: identical on all three pages ?

Domain1:
Win2K Adv. Server
DC
AD
DNS
MS SQL 2K
IIS

Domain2:
XP Pro SP2

The folder on IIS holds all 3 .asp files.
All 3 connect to MS SQL using the same exact code for the connection and
same authentication.
On the server I was logged in as domain1\administrator.
On XP, I was logged in as domain2\administrator.

When I tried to access StraightASP.asp, I was asked for credentials. I
typed in domain1\administrator and that password which is the same password
used for the domain2\administrator. IIS, on that web server, uses Basic and
Integrated authentication only. MS SQL was set for SQL and Windows
authentication.

Only access the first page prompted me for credentials and then told me
access was denied.
The pages that used XML did not. The only difference between those files is
CSS in StraightXML1.asp and XSL in StraightXML2.asp.

It was my understanding that Windows would try to authenticate with the
current credentials and only after failing would prompt for credentials. I
also assumed that domain1\administrator would be treated differently than
domain2\administrator even though they had the same password. It appeared
that part worked correctly by requesting credentials but then failed to
authenticate. Only a reboot of the server itself cleared the problem and
ONLY the first file failed. The two others worked fine. And, when I
renamed the first file, it also worked. Rename is back, it fails. Rename
it to something else again, it works.

So, where is it being cached by filename, failing authentication, but
allowing it for other files with the same code? I restarted IIS, SQL and
cleared IE cache and closed all IE windows and started fresh and still only
a reboot of the server cleared the apparent caching issue.

I've never seen this issue and other than what I listed before the reboot, I
cannot reproduce the error.

I knew it was not IE, but I tested all that I thought could possibly be
involved. IE from the server and from the workstation both failed with the
same file and the other two worked on both. It apparently was happening at
the server level but I cannot prove it.

This is the connection string in all 3 files: (The password is not blank.
It has just been removed from here.)

Function GetRecordset()
 Dim cnn
 Set cnn = CreateObject("ADODB.Connection")
 cnn.Open "Provider=SQLOLEDB.1;Initial Catalog=PUBS;Data Source=localhost",
"sa", ""
 Set GetRecordset = cnn.Execute("select * from authors")
End Function

The only thing different in the first file, when run the first time, was an
error in the file I received from MSFT. CatalogPUBS should have been
Catalog=PUBS. All I did was add an the = sign and the password.

-- 
Roland Hall
/* This information is distributed in the hope that it will be useful, but 
without any warranty; without even the implied warranty of merchantability 
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp