|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IIS Server default user account reset after patching?We have a clustered application that required the use of a specific account
for anonymous access. The application was configured with a local user account on each node in the cluster and has been working correctly since November. This week 2 situations occured that caused both nodes in the cluster to fail simultaniously. The issue was traced back to the fact that the account setup in IIS had been replaced back with the IUSR_Machinename account. The machines are tightly controlled and have very limited access for someone to be able to make a change of this nature. Is it possible that a windows security patch could have reset this account? We automate our patching and keep up to date with new patches as they are released. The latest round of patches were installed on the 20th Feb. If this is not possible could it be something within the cluster that changed the user account back? (I am doubting this to be the case since the server has been running since November without incident). Any help on this issue is much appreciated. Steve As far as I'm aware, no patch should reset these settings. Did you apply any
security templates, or restore a metabase? are you able to repeat this to pin down what caused it, or is this a production box? Or can you supply the exact patch details so someone else can replicate? -- Show quoteHide quoteJason Brown Microsoft GTSC, IIS This posting is provided "AS IS" with no warranties, and confers no rights. "Steve Marshall" <Steve Marsh***@discussions.microsoft.com> wrote in message news:AD977CC2-30D7-4F23-94E3-F5F467191BEC@microsoft.com... > We have a clustered application that required the use of a specific > account > for anonymous access. The application was configured with a local user > account on each node in the cluster and has been working correctly since > November. This week 2 situations occured that caused both nodes in the > cluster to fail simultaniously. The issue was traced back to the fact > that > the account setup in IIS had been replaced back with the IUSR_Machinename > account. The machines are tightly controlled and have very limited access > for someone to be able to make a change of this nature. > Is it possible that a windows security patch could have reset this > account? > We automate our patching and keep up to date with new patches as they are > released. The latest round of patches were installed on the 20th Feb. If > this is not possible could it be something within the cluster that changed > the user account back? (I am doubting this to be the case since the server > has been running since November without incident). > > Any help on this issue is much appreciated. > > Steve 
Other interesting topics
How to create a client side certificate on a Windows 2000 Server
Web Application cannot create folder in wwwroot\ Problem with Integrated Windows authentication on SSL connection Server security Problem with securing of Windows 2000 SP4 IIS with AD Windows 2003 SSL setup problem on IIS 5 ASPUSER account problem? SSL & The page cannot be displayed Permissions wizard Check User's Permissions on a file/folder in IIS 6.0 by ASP or ASP |
|||||||||||||||||||||||
