I have five users on my w2k3 server and they are setup to view a specific
directory accessible via my website in IIS6.  Last weekend my users started
to fail their logins.  I looked at the user setup and all of them had their
properties changed to need to change password on next login.  When I setup
those users, I specifically set them up with password never expires.  Is
there something that was automatically run on my server without me knowing
that flipped all those settings on me?  Or it is possible my machine was
hacked into?

On Thu, 17 Mar 2005 10:37:20 -0500, "Flip"
<[remove_me]phenr***@hotmail.com> wrote:

This isn't a function of IIS security settings, so you may want to ask
in a server group.  No, there's nothing that changes your settings,
that would pretty much end the sale of Microsoft products.  It's
possible your machine was hacked, or it's possible you changed them.

Jeff

Thank you Jeff for the response, I was starting to think this we going to go
unanswered.

I did, and unfortunately, haven't heard back anything yet. :<  Hence this
request.  Thanks for your time.

That's what I was thinking too, it would pretty dumb if they did that. :<

Yikes. :<  That was my fear. :<  I just came from linux where I don't
believe I was ever hacked into, and now this. :<  I'll have to dig some more
before I make that concrete decision.  It is possible I changed them, but
not explicitly, I hadn't been on that box in about a month. :<  The server
just hums along. :>

How to create a client side certificate on a Windows 2000 Server
Problem with Integrated Windows authentication on SSL connection
Web Application cannot create folder in wwwroot\
Server security
Problem with securing of Windows 2000 SP4 IIS with AD Windows 2003
IIS 6.0 Resource Kit
ASPUSER account problem?
SSL & The page cannot be displayed
Permissions wizard
Cannot set up an ftp site with restricted access