>IF the DNS has a wild card entry and there is not a blank Host header for
>the site in IIS and they type a URL that does not have a host header they
>will be directed to the Default Website with the All Unassigned Header This
>is usually locked down.
>
>Rick
>
>-----Original Message-----
>From: Chunshen Li [mailto:[EMAIL PROTECTED]
>Sent: Thursday, May 13, 2004 7:48 AM
>To: CF-Talk
>Subject: Challenge/Response and IIS Security
>
>A client informed me that his site (on NT class OS and IIS web server) now
>required Network password to logon.
>I suspected it's NT Challenge/Response and IIS Security problem with his new
>setup.
>
>Did quick research to confirm my suspicion, seems that my suspicion is
>valid, it seems at least two situations would result in the above-mentioned
>problem:
>1) Anonymous Access with an NT/its class OS IIS user account,
>IUSR_{machineOrHostName} has been disabled under Integrated Windows
>Authentication schema (haven't tested other two authen. schemas).
>2) The default IIS user account, IUSER_{machineOrHostName) has been
>disabled.
>
>I've tested the above two scenarios separately with same result, that is, NT
>logon is prompted when accessing a site.
>
>Is there/ are there any further scenarios that cause the same NT access
>problem? Security gurus, you'll make my days.
>
>TIA.
> _____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
