Re: RWW 403 forbidden error

Hi Bob,

I'm wondering about your NetBIOS domain name. The maximum length for these
is 15 characters. Your first part of your internal DNS domain name is:
WESTERNWATERANDLAND (19 characters) but your NetBIOS domain name is:
WESTERNWATERAND (only the first 15 characters). I'm wondering if this isn't
causing a problem somewhere. If it is, the only answer may be a reinstall
since you can't change these once you've installed SBS.

Maybe someone else here can confirm the NetBIOS vs internal Domain name
limitations and requirements.

Pre-RWW setup user accts can't log in
(see excerpt below for "Good" and "Bad")
http://groups.google.com/group/microsoft.public.windows.server.sbs/browse_thread/thread/228abb0a3a8db57b/ca45a1ed92c97e51?hl=en&lnk=st&q=Pre-RWW+setup+user+accts+can%E2%80%99t+log+in#ca45a1ed92c97e51

---------------------------------------------------------
1. Check if NetBIOS domain name does not match the left hand side of
the
DNS domain name (for example, AD is "ADDomain.local", but netbios is
"Domain"). To find out the names, you can type "set" in a command prompt at
the server. You may find the following information:

USERDNSDOMAIN=This is the AD DNS name
USERDOMAIN= This is the netbios domain name

Good:
USERDNSDOMAIN=FOURTHCOFFEE.LOCAL
USERDOMAIN=FOURTHCOFFEE
Bad:
USERDNSDOMAIN=FOURTHCOFFEE.LOCAL
USERDOMAIN=COFFEE
---------------------------------------------------------

--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F273AFC6-6FEB-47F6-9470-B5DD904544DD@xxxxxxxxxxxxxxxx
As requested, the CEICW log is posted below. A couple of things first:

I installed the newest version of Panda AdminSecure and its server modules
on my server to rule that out as the cause. My RWW still works.

For the attached log, I first went through CEICW and turned off the Web
services. I then went through it again, turning on the Web services.
That
is when the Firewall Configuration step failed. Though I told it to
continue, the Web services did not get enabled. Then when I go through it
again, the Firewall phase does not fail, and the Web services do get
enabled.

I have only included the log file for the "failed" pass to avoid
confusion.
Let me know if you want to see the other one that went through OK. They
will
both be posted on my ftp site (ftp://rww.PackerIntl.com)

CEICW Log:

9/5/2008 4:17 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\ICW\wizinet.dll, version 5.2.2893.0
calling CNetCommit::ValidatePropertyBag ().
Call to Querying for the property bag () returned ok.
Call to Reading hardware selection () returned ok.
Hardware selection: 0
Call to Validating hardware selection () returned ok.
Call to Reading LAN NIC Guid () returned ok.
LAN NIC Guid: {4C779F05-C813-4B69-9F74-8117028D663B}
Call to Validating LAN NIC Guid () returned ok.
Call to Validating NIC properties () returned ok.
Broadband selection: 1
Call to Validating broadband selection () returned ok.
calling CNetCommit::ValidateRouterConnectionProperties ().
Call to Reading UPNP selection () returned ok.
NOT a UPnP router
Call to Reading Router IP () returned ok.
Router IP: 192.168.254.1
Call to Validating Router IP () returned ok.
Call to Reading preferred DNS server IP () returned ok.
Preferred DNS server IP: 69.144.49.30
Call to Validating preferred DNS server IP () returned ok.
Call to Reading alternate DNS server IP () returned ok.
Alternate DNS server IP: 69.146.17.2
Call to Validating alternate DNS server IP () returned ok.
Call to Validating preferred and alternate DNS servers () returned ok.
Call to Reading router on second NIC () returned ok.
Call to CNetCommit::ValidateRouterConnectionProperties () returned ok.

9/5/2008 4:17 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\ICW\wizrfire.dll, version 5.2.2893.0
calling CRFireCommit::ValidatePropertyBag (0xfcd938).
Call to This is a Router Single Nic configuration only Web Publishing will
be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 0
OMA publishing: 0
RPC publishing: 0
Companyweb publishing: 0
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.

9/5/2008 4:17 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\ICW\wizcert.dll, version 5.2.2893.0
Calling CCertCommit::ValidatePropertyBag
Nothing is published, will not touch SSL Settings
*** CCertCommit::ValidatePropertyBag returned ERROR 1

9/5/2008 4:17 PM
C:\Program Files\Microsoft Windows Small Business
Server\Networking\ICW\wizemail.dll, version 5.2.2893.0
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e50c).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0xfcd938, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling CNetCommit::Commit (16570680).
calling CNetCommit::ValidatePropertyBag ().
Call to Querying for the property bag () returned ok.
Property bag is not dirty, skipping validation
calling CNetCommit::Common ().
calling CNetCommit::GetLanNicInfo ().
LAN NIC Guid: {4C779F05-C813-4B69-9F74-8117028D663B}
Call to Converting LAN NIC Guid () returned ok.
Call to Getting IP address for the LAN NIC () returned ok.
Call to Reading in the LAN NIC info () returned ok.
Call to Fixing the TCP/IP NIC Binding order () returned ok.
Dhcp server is installed and not disabled
Call to Set DHCP Server to start up automatically () returned ok.
DNS server is installed and not disabled
Call to Changing startup type for DNS () returned ok.
Call to Clearing DNS server entries on the LAN NIC () returned ok.
Call to Setting DNS server IP for the LAN NIC () returned ok.
Call to Resetting DNS recursion timeout () returned ok.
Call to Resetting client dns query timouts in config.dat () returned ok.
Call to DsGetDcName for local domain name () returned ok.
Call to Disabling RRAS routing () returned ok.
calling CNetCommit::DoRouter ().
Call to Clearing the default gateway on the LAN NIC () returned ok.
Call to Setting default gateway on the LAN NIC () returned ok.
Call to Setting DNS forwarders () returned ok.
Call to Preparing DNS for DNS listener reset () returned ok.
Call to Resetting DNS listeners () returned ok.
URL to the router is http://192.168.254.1
Call to Adding routers IP address to the intranet zone () returned ok.
Call to CNetCommit::DoRouter () returned ok.
Call to Configuring for router connection () returned ok.
calling ConfigureIE ().
calling SetInternetOptions ((null), (null), (null)).
calling InternetSetOptionA (NULL, INTERNET_OPTION_PER_CONNECTION_OPTION).
Call to InternetSetOptionA () returned ok.
Call to SetInternetOptions () returned ok.
calling InternetSetOption_AutodialConnection ().
Call to InternetSetOption_AutodialConnection () returned ok.
calling InternetSetOption_AutodialMode (4).
Call to InternetSetOption_AutodialMode () returned ok.
calling InternetSetOption_DisableAutodial (0).
Call to InternetSetOption_DisableAutodial () returned ok.
Call to ConfigureIE () returned ok.
Call to Configuring IE for router connection () returned ok.
Call to Notifying client setup for Default gateway as the router ()
returned
ok.
calling RegisterMSBOExchangeBP (0).
Error 0x1 returned from call to RegisterMSBOExchangeBP().
Call to Unregistering the smtp sink () returned ok.
Call to GetLocalDomainName () returned ok.
Call to Reading in the local domain name () returned ok.
Local Domain Name is: WesternWaterandLand.local
Call to Enabling secure dynamic DNS updates () returned ok.
Call to Disabling RoundRobin for DNS server () returned ok.
Call to GetLocalDomainName () returned ok.
Call to Configuring DHCP options () returned ok.
Call to Disabling the RASUTO service () returned ok.
Call to Configuring w32time parameters for fulltime () returned ok.
Call to Configuring the time service () returned ok.
Call to Notifying RWW for ISA () returned ok.
Call to CNetCommit::Common () returned ok.
Call to CNetCommit::Commit () returned ok.
calling CRFireCommit::CommitEx (0xfcd938).
calling CRFireCommit::ValidatePropertyBag (0xfcd938).
Call to This is a Router Single Nic configuration only Web Publishing will
be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 0
OMA publishing: 0
RPC publishing: 0
Companyweb publishing: 0
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.
Call to GetPrivateNICGuid () returned ok.
Call to GetIPAddress for private nic () returned ok.
Call to GetSubnetMask for private nic () returned ok.
RUP is not published
Call to Fixing the inheritance for root dir () returned ok.
Call to Unpublishing the default web site () returned ok.
Call to Fixing the inheritance for companyweb dir () returned ok.
Call to Unpublishing companyweb () returned ok.
Call to Publishing /Exchange () returned ok.
Call to Publishing /ExchWeb () returned ok.
Call to Publishing /Public () returned ok.
Call to Publishing /ExAdmin () returned ok.
Call to Publishing RUP () returned ok.
Call to Publishing client help for RUP () returned ok.
Call to Notify RUP for OWA () returned ok.
Call to Notify RUP for Monitoring () returned ok.
Call to Notify RUP for RPC () returned ok.
Call to Notify RUP for Companyweb () returned ok.
Call to Restricting exhchangeoma to local server only () returned ok.
Call to Restricting ConnectComputer to local network only () returned ok.
Call to GetInternetServerName () returned ok.
Call to GetNetbiosDomainName () returned ok.
Call to NotifyProvisioning () returned ok.
Call to Limiting number of connections () returned ok.
Error 0x80040211 returned from call to Sending RUP intro mail().
calling Set Web Publishing Rules (0x80040211).
Error 0x80040211 returned from call to CRFireCommit::Commit().
Calling CCertCommit::CommitEx
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: 1
Web server name: rww.westernwaterandland.com
CCertCommit::ValidatePropertyBag returned OK
Opening the cert store returned OK
Reading the computer name returned OK
Reading the fully qualified server name returned OK
Creating the self signed cert returned OK
Adding the certificate into the store returned OK
Removing the old certs returned OK
Installing the cert hash to IIS metabase for the default website returned
OK
Installing the cert hash to IIS metabase for companyweb returned OK
Saving the cert for clients returned OK
Updating Client Setup config.dat file returned OK
Installing the internal cert to the root store returned OK
CCertCommit::EnableSSL returned OK
CCertCommit::RequireSSL returned OK
CCertCommit::NotifyRemoteUserPortal returned OK
Reading the Internet Server Name returned OK
OMA is not published, will not update the server name
Sending RUP intro mail returned OK
CCertCommit::SaveUserSelections returned OK
CCertCommit::CommitEx returned OK
calling CEmailCommit::Commit (0x2d86b0).
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e488).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0xfcd938, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e4f4).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0xfcd938, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling GetDomainAndControllerNames ().
Call to GetDomainAndControllerNames () returned ok.
calling GetOrganizationName (\\hal.WesternWaterandLand.local,
DC=WesternWaterandLand,DC=local).
Call to GetOrganizationName () returned ok.
calling GetFirstAdministrativeGroup (\\hal.WesternWaterandLand.local,
DC=WesternWaterandLand,DC=local, WESTERNWATERAND).
Call to GetFirstAdministrativeGroup () returned ok.
calling GetFirstRoutingGroup (\\hal.WesternWaterandLand.local,
DC=WesternWaterandLand,DC=local, WESTERNWATERAND, first administrative
group).
Call to GetFirstRoutingGroup () returned ok.
Call to SetCookieAuthentication () returned ok.
Call to Enabling Wireless admin for OMA () returned ok.
Call to Getting NETBIOS domain name () returned ok.
NETBIOS domain name: WESTERNWATERAND
Call to Enabling NTLM on /public () returned ok.
calling CommitPOP3 (0xfcd938).
Call to CommitPOP3 () returned ok.
calling _SetRegInt4Value (HKEY_LOCAL_MACHINE,
SOFTWARE\Microsoft\SmallBusinessServer\Connectivity\ICW,
Last_MailOption_Exchange, -1).
Ignoring return value from call to _SetRegInt4Value().
Call to CEMailCommit::Commit () returned ok.
calling GetBOConnector ().
Call to GetBOConnector () returned ok.
calling spADs->PutEx (ADS_PROPERTY_CLEAR,
msExchSmtpOutboundSecurityPassword).
Call to spADs->PutEx () returned ok.
calling spADs->SetInfo ().
Call to spADs->SetInfo () returned ok.

--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

Hi Bob,

Let's take a look at the CEICW log file when CEICW fails....

C:\Program Files\Microsoft Windows Small Business
Server\Support\icwlog.txt

First delete or rename icwlog.txt. (This will allow a fresh copy of the
file to be created when you run CEICW). Then re-run CEICW and post the
resultant icwlog.txt file for us to look at (just copy and paste into
your
reply).

--
Merv Porter [SBS-MVP]
============================

"BobS" <PackerIntl@xxxxxxxxx> wrote in message
news:C02DC9D3-EB90-428B-B49B-D9524A03F9C3@xxxxxxxxxxxxxxxx
Merv,

There does not appear to be any phantom devices. The extra 2 adapters
were infact as I said earlier Panda bindings to the adapter and to the
WAN
Miniport (IP). To verify that this was not the problem, I uninstalled
the
Panda FileSecure module and then the BPA did not give the error about 3
adapters and the extra's were gone in device manager.

However, RWW still did not work.

As per the instructions in your link below, I reinstalled RWW; still
does
not work.

I am pretty sure I mentioned this earlier, but when running CEICW after
the reinstall, when it gets to the Firewall (second stage of the
configuration) it fails. It brings up a dialog that says "An error
occurred while configuring a component." (The Panda module is still
uninstalled). I do not know which log to look at for a clue as to what
happened. I told it to continue with the configuration of the other
components but as I said, RWW still does not work.

So to make sure I didn't do anything wrong, I ran it again with all the
same settings. Though I told it to continue with the other components
last time, it apparently did not because the Web Services Components
were
not enabled. I clicked the radio button to enable them again. This
time
there were no errors (???). And when I was done, the Web Service
components show up as allowed. But alas, still no RWW.

Just for grins and giggles I tried to start the Windows Firewall/ICS
service. It failed: Error 170. That is probably normal since there is
only 1 nic, but just thought I would try.
Support at Panda had me reset the winsock catalog just to see if that
might help. It did not.

Here's hoping that you are not completely frustrated yet.

"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message
news:O865XTuDJHA.5316@xxxxxxxxxxxxxxxxxxxxxxx
And you may be close to reinstalling RWW...

Setting Up RWW
http://groups.google.com/group/microsoft.public.windows.server.sbs/browse_thread/thread/3a671f95de265047/47f9e62a5da45fc4?hl=en&lnk=st&q=setting+up+rww#47f9e62a5da45fc4

--
Merv Porter [SBS-MVP]
============================

"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message
news:%23ydT3IuDJHA.4800@xxxxxxxxxxxxxxxxxxxxxxx
SG raises a good point about the Trend Micro (antivirus) firewall and
the SBS 2003 BPA. If you're not using Trend Micro, maybe you have a
"phantom" NIC left over from the Swing Migration:

Display "phantom" devices

1. Click Start, click Run, type cmd.exe, and then press ENTER.
2. Type set devmgr_show_nonpresent_devices=1, and then press ENTER.
3. Type Start DEVMGMT.MSC, and then press ENTER.
4. Click View, and then click Show Hidden Devices.
5. Expand Network Adapters.

Delete any phantoms you find.

Also, make sure you have the latest driver for the Broadcom NIC.

--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FE14F943-B4F7-4C6E-9337-073A987A63FD@xxxxxxxxxxxxxxxx
Merv,

What a great tool. How is it that I have heard about Best Practices
but
never heard of this analyzer. Thanks,

Anyway, I have not solved the problem, but I think the BPA may have
pointed
out the problem. One of the critical errors says that: "Three or
more
network adapter cards were detected" and that this will cause the
CEICW
to
fail.

Now how do I correct this? I looked in device manager and there is
only one
network adapter there. Where do I look to seek and destroy the
other 2
adapters (that really don't exist).

I exported the logs from SBS BPA, but have never had any luck trying
to
attach a file here. Is there a way to do that or is there someplace
else I
could post them. I am just now trying to put up an ftp site on my
server and
I have posted them there if you can get to it:
ftp://rww.packerintl.com.

Thanks; I anxiously await your instructions.
--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

https://mail.westernwaterandland.com/remote does not resolve te RWW
problem.
Using your WAN IP address in place also does not resolve the
problem.

OK, let's try... Install and run a scan with the SBS 2003 BPA:

Microsoft Windows Small Business Server 2003 Best Practices
Analyzer
http://207.46.19.190/downloads/details.aspx?familyid=3874527A-DE19-49BB-800F-352F3B6F2922&displaylang=en

Small Business Server 2003 Best Practices Analyzer Updated
http://blogs.technet.com/sbs/archive/2008/02/20/small-business-server-2003-best-practices-analyzer-updated.aspx

How to Use the Windows SBS 2003 BPA
http://blogs.technet.com/sbs/archive/2007/10/22/how-to-use-the-windows-sbs-2003-bpa.aspx


--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A3947259-5E40-4F6E-BB45-30EF110A997B@xxxxxxxxxxxxxxxx
My how I admire perserverance; and appreciate it for something
like
this.

Response to all 3 of your posts are here:

1. Results of ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : hal
Primary Dns Suffix . . . . . . . : WesternWaterandLand.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : WesternWaterandLand.local

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-21-9B-F9-AD-08
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.254.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.254.1
DNS Servers . . . . . . . . . . . : 192.168.254.2
Primary WINS Server . . . . . . . : 192.168.254.2

2. Yes, port 4125 is forwarded to the server nic
(192.168.254.2),
as are
all of the other ports concerned with remote access of different
types
(443,
444, 21, ...)

3. All of the settings for Directory Security for the "Remote"
virtual
web
site are exactly as you have them below.

4. I also cleared out the W3SVC1 log for the day and then tried
to
log in
to RWW. The contents of the log after the failed attempt are as
follows:
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2008-09-04 05:11:29
#Fields: date time s-sitename s-computername s-ip cs-method
cs-uri-stem
cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent)
cs-host
sc-status sc-substatus sc-win32-status
2008-09-04 05:11:29 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 302 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 80 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 302 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote - 443 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 301 0 0
2008-09-04 05:11:35 W3SVC1 HAL 192.168.254.2 GET /remote/ - 443 -
216.52.47.231 HTTP/1.1
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.0;+SLCC1;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506;+InfoPath.2)
rww.westernwaterandland.com 403 14 5

5. On your other post for the settings for Default Website and
Remote
Virtual Website Directory Security; what I have is exactly as you
have it
specified.

Thanks again for your perserverance.

--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

And here's a list of all settings for the properties of the
"Remote"
virtual
web site under the Default Web site in IIS...

For RWW:

1. Open IIS snap-in.
2. Go to Default Web Site/Remote.
3. Right click Remote and click Properties.
4. Click Directory Security tab.
5. Click Edit under "Authentication and access control".
6. Make sure that only the "Enable anonymous access" and
"Integrated
Windows Authentication" have been checked.
7. Click Edit under "IP address and domain name restriction".
8. Make sure that "Granted access" has been selected.
9. Click Edit under "Secure communications".
10. Make sure that "Require secure channel (SSL)" and "Require
128-bit
encryption" have been checked.


--
Merv Porter [SBS-MVP]
============================

"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in
message
news:OU27$KhDJHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
Is port 4125 corrected forwarded in the router to the IP
address
of the
SBS NIC?

--
Merv Porter [SBS-MVP]
============================

"BobS" <BobS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6B023657-EAF6-4E91-9C1F-182E999B4CCD@xxxxxxxxxxxxxxxx
Thanks Merv,

Those are the settings I have. It is a single NIC system.
--
Bob Showalter
Packer International


"Merv Porter [SBS-MVP]" wrote:

Directory Security settings... (on a two NIC system, if that
matters)

IIS | <yourserver> | Web Sites | Default Web Site |
Properties
|
Directory
Security | IP Address and Domain Name Restrictions | Edit...

Settings should be Denied Access;
Except the Following: Granted 192.168.16.2
(255.255.255.0)
Except the Following: Granted 127.0.0.1

IIS | <yourserver> | Web Sites | Default Web Site | Remote|
Properties |
Directory Security | IP Address and Domain Name Restrictions
|
Edit...

Granted Access

--


.

Loading