Re: ACL Permissions
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 12/15/04
- Next message: Herb Martin: "Re: managing concurrent logons through multiple workstations"
- Previous message: Jason in CT: "managing concurrent logons through multiple workstations"
- In reply to: John Pugh: "Re: ACL Permissions"
- Next in thread: John Pugh: "Re: ACL Permissions"
- Reply: John Pugh: "Re: ACL Permissions"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 15 Dec 2004 17:13:33 -0600
Enable auditing on logon events for success and failure and privilege use
and object access for failure [probably only temporally]. Enable auditing on
that folder for that user. Then look in the security logs and Event Viewer
in general for any possible helpful messages. I would also look in Local
Security Policy on each computer and look for any differences under local
policies for security options or user rights. Any differences found between
the two boxes could be suspect. Also check any deny permissions to the
folder which you user could be affected by group membership. If this is a
domain computer, run the netdiag support tool on it looking for any
pertinent errors. -- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;301640 -- needs
object access enable first.
"John Pugh" <john@cyber-media.co.uk> wrote in message
news:OU6E3$r4EHA.1452@TK2MSFTNGP11.phx.gbl...
> Thanks for the reply, I have compared the permissions between the two
> boxes (one that works and this one) and I can see very little differences,
> none in sections that I think might affect this problem is there anything
> specific that I should be looking for?
>
>
>
> "Andra" <andraatlatnetdotlv> wrote in message
> news:emKIJNr4EHA.1400@TK2MSFTNGP11.phx.gbl...
>> Policies? Especially concerning the way the password is sent over the
>> network.
>>
>> John Pugh wrote
>>> Hi,
>>>
>>> I am having problem that I thought some of you might be able to help,
>>>
>>> The problem is that we have created a directory on a 2k3 standard box
>>> that
>>> can only be accessed using a set username and password (used for
>>> accessing
>>> web stats over the internet) I have done this many times before without
>>> a
>>> hitch but on one of our boxes it does want to work at all!
>>>
>>> I have given the SYSTEM full control, Administrators full control and
>>> stats-viewer (the user who needs access) read and read & execute. This
>>> is
>>> the standard setup I have on all our boxes. I have also tried recreating
>> all
>>> the permissions the wwwroot directory has and putting it in the wwwroot
>>> directory to no avail.
>>>
>>> With the IUSR user in place it works, allowing anonymous access,
>>> therefore
>>> IIS is pointing to the right place and serving up the pages so that is
>>> working, but when IUSR access is taken away it throws back a "HTTP Error
>>> 401.3 - Unauthorized: Access is denied due to an ACL set on the
>>> requested
>>> resource." error when trying to login as stats-viewer. I have tried
>>> using
>>> Integrated and basic authentication, changing the user, changing the
>>> directory, creating a new web site in IIS, using Authdiag (which doesn't
>>> seem to shed light on the problem) all without success.
>>>
>>> Can anyone help, its doing my head in!!!
>>>
>>> Many thanks,
>>>
>>> John Pugh
>>
>>
>
>
- Next message: Herb Martin: "Re: managing concurrent logons through multiple workstations"
- Previous message: Jason in CT: "managing concurrent logons through multiple workstations"
- In reply to: John Pugh: "Re: ACL Permissions"
- Next in thread: John Pugh: "Re: ACL Permissions"
- Reply: John Pugh: "Re: ACL Permissions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
