|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IIS 6.0 on 2003 STD svr - 401.3 error with odd group membership isof any kind. Last saturdery our web site was not accessible due to anonymous access prompting for credentials and then showing 401.3 acl issues when you clicked out of the window. IUSR_Computername was being used as the default for the site for anonymous access and had been working all along. Couldn't get it to work again no matter what I did. Then made another iusr_computername and if it's part of the 'users' group it will work, being part of the 'guests' group doesn't work. Also the access will stop working atlest twice in 24 hour day since and each time the iusr i created membor of time is blanked out and missing 'users' group. I added both users and guests as a test a couple of days later and the 'users' group is the only that is missing and everything has to be reset again. Reset by my adding users to the iusr and restarting IIS and then anonymous access works for a while that day. Also tested this by creating a user called 'test' on local svr and set it to be part of users and guests group and whenever the iusr was no longer a part of 'userse' group and anyonmous access stopped working, so was the 'test' user missing the 'users' group in the member of tab. Any ideas? This has been going on for the past week and I constantly have to be checking to catch when the site is not accessible in order to ensure users can get on. Thanks! Your post is a little confusing. Are you saying that you add the
IUSR_<machinename> account to the "Users" group, and then after some period of time, it's removed from that group? If so, have you checked: a) there is no group policy object that is causing this behavior? b) Have you enable auditing to determine what is changing the Users group' group membership? Cheers Ken Show quoteHide quote "DockD" <Do***@discussions.microsoft.com> wrote in message news:75E018D5-9AD0-41B9-B7F1-6F0AC5EAF570@microsoft.com... > Server was working with no issues and hadn't had any updates in a few > weeks > of any kind. Last saturdery our web site was not accessible due to > anonymous > access prompting for credentials and then showing 401.3 acl issues when > you > clicked out of the window. > > IUSR_Computername was being used as the default for the site for anonymous > access and had been working all along. Couldn't get it to work again no > matter what I did. Then made another iusr_computername and if it's part of > the 'users' group it will work, being part of the 'guests' group doesn't > work. Also the access will stop working atlest twice in 24 hour day since > and each time the iusr i created membor of time is blanked out and missing > 'users' group. I added both users and guests as a test a couple of days > later and the 'users' group is the only that is missing and everything has > to > be reset again. Reset by my adding users to the iusr and restarting IIS > and > then anonymous access works for a while that day. > > Also tested this by creating a user called 'test' on local svr and set it > to > be part of users and guests group and whenever the iusr was no longer a > part > of 'userse' group and anyonmous access stopped working, so was the 'test' > user missing the 'users' group in the member of tab. > > Any ideas? This has been going on for the past week and I constantly have > to be checking to catch when the site is not accessible in order to ensure > users can get on. > > Thanks! 
Other interesting topics
IIS Web Server 2008
Certificate Mapping - Debugging Microsoft-WebDAV-MiniRedir/6.0.6001 Domain Account used for IIS6 Anonymous Account Risks? web site access OK by IP but not by name Certificate Installation Can't run any ASP script when virtual catalog allows anonymous connections SSL Certificate won't Bind to Default Web Site Server 2008 securing a browseable IIS directory Using "A share located on another computer" AND Authenticated acce |
|||||||||||||||||||||||
