Re: IIS 6.0
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 07/03/04
- Next message: David Wang [Msft]: "Re: Two IIS 6 on 2K3 issues"
- Previous message: Bill Crouch: "w2k3 problem LSASRV error"
- In reply to: Keith R. Sylvester: "IIS 6.0"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 2 Jul 2004 20:22:58 -0700
Is this program that you are trying to run certified to work on Windows
Server 2003? I mean, it should have come with instructions on how to
properly configure itself. I'm only able to give advice on how to
troubleshoot the error you see, but it may not actually fix your problem.
Your main issue is that the program failed to configure itself properly, and
you should ask THAT program's vendor for support -- not here.
401.1 indicates that authentication was performed, but the username/password
of the credentials were incorrect.
The configuration of the virtual directory determines what authentication
protocols will be available (anonymous authentication means "auto-login with
this other anonymous user identity"). If you have multiple protocols
configured, then the actual protocol used for authentication is likely
negotiated between the client and server -- so for troubleshooting purposes,
you want to select EXACTLY one authentication protocol so you are certain
what is used.
Once you are certain of the authentication protocol in use when you get the
401.1, then you can start troubleshooting the error:
1. If you are using anonymous authentication, it means that the anonymous
username/password that was stored in IIS6 was incorrect. By default, IIS6
will auto-create and manage a IUSR account for this purpose, but this user
credential can easily fall out of sync with the actual user account if
you're not care about account-control. Make sure to synchronize the
username/password in the local SAM and IIS (or if domain, make sure to
synchronize with what's in the domain).
Previous versions of IIS had an "allow IIS to control anonymous
username/password" option which required IIS to run as LocalSystem (security
vulnerability) -- this is not the default in IIS6, and if your system
depended on this functionality before, it would be broken now. I highly
suggest you synchronize user credentials between IIS and the local
SAM/domain-controller instead of using "allow IIS to control..." because of
security implications.
2. If using any other authentication protocol, it means that the
username/password given by the client was incorrect. Start checking your
clients
3. There is a third common cause of 401.1 when you authenticate perfectly,
but the app was usang a Custom Application Pool Identity, have the server
joined to a domain, and you are using Integrated authentication. The
additional configuration that is necessary is described in documentation for
how to use "Custom Application Pool Identity" and I recommend you read it.
http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/ca_cfgwrkridentity.asp
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Keith R. Sylvester" <ksylvester@funddrive.com> wrote in message news:eROd77DYEHA.2944@TK2MSFTNGP11.phx.gbl... We are running Windows Server 2003, in which we are running IIS 6.0. We have a program called Wired Contact, that is basicly a website that pulls info from ACT! 2000. In order to do this, we had to create a virtual directory. The virtual directory is created, but everytime we try to connect to it, it gives us a 401.1 ERROR saying our credentials are invalid. Does anyone know if there are other settings that we have to adjust, in order to be able to use this virtual directory. Thanks! Keith Sylvester IT Department MMS ksylvester@funddrive.com
- Next message: David Wang [Msft]: "Re: Two IIS 6 on 2K3 issues"
- Previous message: Bill Crouch: "w2k3 problem LSASRV error"
- In reply to: Keith R. Sylvester: "IIS 6.0"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
