|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IUSR has to be in Admin group to workThis is from an earlier post, but I think I posted for the wrong thing.
None of my applications that use the IUSR account for anonymous authenication work, unless, I add the IUSR account to the admin group (this goes for all apps, asp, html, CF, etc..). I checked and it is in the Guest Group and it has the following User Rights Assignments: Access this computer from the network Allow Logon Locally Bypass Traverse Checking Log on as a Batch Job I can't see that this is any different from any of our other web servers. I also can't find that it needs to be anywhere else. I don't want to leave it in the Admin group for any longer than I have too. It's a dev server, so it hasn't been a problem yet, but I'd still like to get it setup correctly. Thanks! look into the authdiag utility from microsoft
Show quoteHide quote "Ishmealm" <Ishme***@discussions.microsoft.com> wrote in message news:B091A064-0ECC-4FDE-981A-D6964F5C45D0@microsoft.com... > This is from an earlier post, but I think I posted for the wrong thing. > > None of my applications that use the IUSR account for anonymous > authenication work, unless, I add the IUSR account to the admin group > (this > goes for all apps, asp, html, CF, etc..). I checked and it is in the > Guest > Group and it has the following User Rights Assignments: > > Access this computer from the network > Allow Logon Locally > Bypass Traverse Checking > Log on as a Batch Job > > I can't see that this is any different from any of our other web servers. > I > also can't find that it needs to be anywhere else. I don't want to leave > it > in the Admin group for any longer than I have too. It's a dev server, so > it > hasn't been a problem yet, but I'd still like to get it setup correctly. > Thanks! > Get filemon and regmon from sysinternals.com to trace as well.
-- Show quoteHide quoteRegards, Bernard Cheah http://www.iis-resources.com/ http://www.iiswebcastseries.com/ http://msmvps.com/blogs/bernard/ "Ishmealm" <Ishme***@discussions.microsoft.com> wrote in message news:B091A064-0ECC-4FDE-981A-D6964F5C45D0@microsoft.com... > This is from an earlier post, but I think I posted for the wrong thing. > > None of my applications that use the IUSR account for anonymous > authenication work, unless, I add the IUSR account to the admin group > (this > goes for all apps, asp, html, CF, etc..). I checked and it is in the > Guest > Group and it has the following User Rights Assignments: > > Access this computer from the network > Allow Logon Locally > Bypass Traverse Checking > Log on as a Batch Job > > I can't see that this is any different from any of our other web servers. > I > also can't find that it needs to be anywhere else. I don't want to leave > it > in the Admin group for any longer than I have too. It's a dev server, so > it > hasn't been a problem yet, but I'd still like to get it setup correctly. > Thanks! > 
Other interesting topics
Do I really need a wild card certificate ?
Security of Webpage Iusr_Servername NetworkPrinter Restricting IIS from serving static content Simple Anonymous Access question Common Name question Communicator Web Access Authentication Not Working IIS and enterpise sub CA on different machines run cgi in localhost without SSL? BIN Directory being hidden automatically |
|||||||||||||||||||||||
