IIS Security

Hi all, I've just deployed a new IIS6 web server.  All of my XP-using clients are fine, but the Windows 2000 clients get a 500 error as soon as they try to connect & authenticate which turns out to be "the function requested is not ...

I am trying to implement a secure software update directory.  My application checks for and retrieves updates via http from a directory on our web server.  All this works fine, but there is no security.  I want to ...

Hi, First of all, I must say that I'm a developer and I have only general operational knowledge about IIS 6.0. We have two test web servers; one of them is in domain, and the other is not. ...

Hello there My initial question: is it possible to create multiple secure identities on the same server using several certificates and a secondary IP to be used with each certificate? the reason for this question is that people access Exchange 2003 front end ...

I have a site that requires certificates that I manage (I am root CA).  Can I get IE to automatically use a certifcate that is installed on the local PC every time without asking.  The site works great I just want to eliminate the ...

I created virtual directory on my development server and specified Digest authentication. I got error message "HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials". Digest authentication works on my production server without any problems. My configuration is IIS 6, MS ...

I am probably just missing one of the basic facts of ssl, but it seems that selfssl.exe only uses 1 private key, and the only time that private key can be exported is when you export the most recently generated selfssl.exe cert. ...

While creating an FTP Site running on IIS 5 on a server that is part of a domain. I have decided to create a LocalUsers Folder within the ftproot and create accounts within the local users and groups for vendors, i then create ...

Some articles/papers seems to recommend you to rename the IUSR account (for added security). I can however not find any reason why you need to do it (but i can see the reason why you should rename the Administrator account). ...

Hi there, I've got a IIS 6.0 Website on Windows 2003 which I have setup as Integrated Authentication.  I have disabled all other forms of authentication (Anonymous, basic, etc). The Clients authenticate against a Windows NT domain currently.  When the ...

Hi, I am trying to set up a simple test case, following verbatim MS's tutorial "How To Set Up Client Certificates". [link] Unfortunately I am not having success. ...

Hello, i am having a ASP application which uses crystal designer runtime library to display crystal reports. it works perfectly fine with IIS5 under dllhost.exe architecture as the IIS6 has got a worker processor model it IIS6 doesnt allow the crystal DLL to export the report to a directory, it creates ...