max7
asked on
IIS 5.1 Problem with User credentials and/or password authentication
I am running IIS 5.1 on my home computer: XP Pro SP2, all updates. I seemingly successfully created a virtual server/domain so that I could use my computer as a local host to do some website development. I created a simple webform, .asp page to package up the info and I also created an Access database to receive the information.
The problem: When I try to test my webform by clicking the submit button, my browser goes to load my .asp page and I receive the message "You are not authorized to view this page." It lists the HTTP error 401.1. The Event Viewer records Event ID 100, Source W3SVC and states whatever user I have designated had bad username, password or invalid credentials.
I have set the Directory Security to Anonymous Authentication on all user accounts, I have made the file folder containing the .asp page available for sharing on my network, I have worked with the NTFS file permissions, etc. etc but nothing seems to work.
I thought about changing the User account passwords but I'm not sure necessarly how to do this correctly nor if it will have adverse effects on my computer.
From what I can see, this does not seem to be a complex problem but like everything else, it takes specific knowledge which I obviously lack.
Hopefully this was clear but if not let me know what additional information is needed to resolve this issue.
Thanks,
Max
The problem: When I try to test my webform by clicking the submit button, my browser goes to load my .asp page and I receive the message "You are not authorized to view this page." It lists the HTTP error 401.1. The Event Viewer records Event ID 100, Source W3SVC and states whatever user I have designated had bad username, password or invalid credentials.
I have set the Directory Security to Anonymous Authentication on all user accounts, I have made the file folder containing the .asp page available for sharing on my network, I have worked with the NTFS file permissions, etc. etc but nothing seems to work.
I thought about changing the User account passwords but I'm not sure necessarly how to do this correctly nor if it will have adverse effects on my computer.
From what I can see, this does not seem to be a complex problem but like everything else, it takes specific knowledge which I obviously lack.
Hopefully this was clear but if not let me know what additional information is needed to resolve this issue.
Thanks,
Max
ASKER
Hello meverest,
Thanks for your comment and I just want to warn you not to be astounded by what I don't know; this is unfamiliar territory for me. That said and assuming I understand what you telling me to do, here is some information: aside from the IUSR and the IWAM accounts, I have two other accounts active on my machine: Administrator and one under my first name. These user accounts are made available when I am in the Directory Security tab. In the end, I have tried all these active accounts using anonymous authentication for each and it doesn't work. Are we talking about the same thing?
Also, when tell me to use my own login credentials I don't know what those would be or where I would find them. I had a password set on my User account bearing my first name so that when my computer started it required a login but when all this trouble started, I removed the password in hopes it would solve the problem (and it obviously did not). So again, where would do I find my login credentials? Are these the same as the password I personally set for my first name User account?
I do not want the website to be accesible from the internet at this point; my only goal in using IIS was to enable me to use my home computer as a local host so I could do some web development. That being the case and since I am swimming in the dark to a greater degree, I have been concerned if anything that I am doing could create a security breach that could possible allow a hacker to gain access or control over my machine. I would greatly appreciate knowing some ways to keep things locked down while using IIS.
Thanks again for your time and patience -- I appreciate it greatly!
Thanks for your comment and I just want to warn you not to be astounded by what I don't know; this is unfamiliar territory for me. That said and assuming I understand what you telling me to do, here is some information: aside from the IUSR and the IWAM accounts, I have two other accounts active on my machine: Administrator and one under my first name. These user accounts are made available when I am in the Directory Security tab. In the end, I have tried all these active accounts using anonymous authentication for each and it doesn't work. Are we talking about the same thing?
Also, when tell me to use my own login credentials I don't know what those would be or where I would find them. I had a password set on my User account bearing my first name so that when my computer started it required a login but when all this trouble started, I removed the password in hopes it would solve the problem (and it obviously did not). So again, where would do I find my login credentials? Are these the same as the password I personally set for my first name User account?
I do not want the website to be accesible from the internet at this point; my only goal in using IIS was to enable me to use my home computer as a local host so I could do some web development. That being the case and since I am swimming in the dark to a greater degree, I have been concerned if anything that I am doing could create a security breach that could possible allow a hacker to gain access or control over my machine. I would greatly appreciate knowing some ways to keep things locked down while using IIS.
Thanks again for your time and patience -- I appreciate it greatly!
Hello,
yes, your username and the password you set will do (so long as you set up your own user as an admin role)
you set these credentials in the directory security tab -> anonymous access -> edit, as you expect, PLUS under the application pool identity tab.
You should try both the administrator username and password as well as your own personal username.
If all else fails, try uninstalling IIS and then reinstall using the add-remove-programs -> system-components
Cheers.
yes, your username and the password you set will do (so long as you set up your own user as an admin role)
you set these credentials in the directory security tab -> anonymous access -> edit, as you expect, PLUS under the application pool identity tab.
You should try both the administrator username and password as well as your own personal username.
If all else fails, try uninstalling IIS and then reinstall using the add-remove-programs -> system-components
Cheers.
ASKER
Hi,
I have tried everything you suggested in your last posting including unstall/reinstall and the problem remains.
Please let me know if I need to provide you with more information, screenshots, etc. so this problem can be resolved.
Thanks.
I have tried everything you suggested in your last posting including unstall/reinstall and the problem remains.
Please let me know if I need to provide you with more information, screenshots, etc. so this problem can be resolved.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Dave,
Thanks for jumping in on this - at your request I have attached three of the most recent HTTP logs for your review. Let me know if this helps at all.
I have reinstalled IIS for a second time but I have not set up another virtual directory and the problem exists even still. I have attached screenshots to show that this password/User problem starts even before the listing of my local computer; when I select my local computer and then right click and choose "browse" a login screen appears. I have no idea what the password would be since I didn't set it; the only password I have ever set on this computer was for a start up login but since these issues have occured I removed that password so now no startup login is required. Therefore, before I create another Virtual Directory I would like your opinion on these screenies because it seems this is where the problem really begins.
Lastly, on using the cmd prompt to create a perm.txt. I'm sorry to say but I would need more specific direction on how to do this. I know the basics of using the cmd prompt but I have never navigated to a specific file or created a perms.txt
Once again, thanks very much for digging into this issue.
Max
ex080227.log
ex080228.log
ex080301.log
Login-1.JPG
Login-2.JPG
Login-3.JPG
Thanks for jumping in on this - at your request I have attached three of the most recent HTTP logs for your review. Let me know if this helps at all.
I have reinstalled IIS for a second time but I have not set up another virtual directory and the problem exists even still. I have attached screenshots to show that this password/User problem starts even before the listing of my local computer; when I select my local computer and then right click and choose "browse" a login screen appears. I have no idea what the password would be since I didn't set it; the only password I have ever set on this computer was for a start up login but since these issues have occured I removed that password so now no startup login is required. Therefore, before I create another Virtual Directory I would like your opinion on these screenies because it seems this is where the problem really begins.
Lastly, on using the cmd prompt to create a perm.txt. I'm sorry to say but I would need more specific direction on how to do this. I know the basics of using the cmd prompt but I have never navigated to a specific file or created a perms.txt
Once again, thanks very much for digging into this issue.
Max
ex080227.log
ex080228.log
ex080301.log
Login-1.JPG
Login-2.JPG
Login-3.JPG
Hi Max,
what do you get when you put this into a browser:
http://127.0.0.1
All your logs show an attempt to access some asp script - have you tried making just a plain html page and opening that up?
Cheers.
what do you get when you put this into a browser:
http://127.0.0.1
All your logs show an attempt to access some asp script - have you tried making just a plain html page and opening that up?
Cheers.
ASKER
When I go to the ip you provided, a login window appears asking for a Username and Password. When I can't provide that info, it returns with:
You are not authorized to view this page
HTTP 401.2 - Unauthorized: Logon failed due to server configuration
Internet Information Services
Regarding opening up a standard html page using my local host, the answer I think would be no; reviewing my actions, although I created a virtual directory in IIS with both my html and .asp pages, without realizing it I would launch my html page directly from the folder on my local machine i.e. I didn't use my browser to load it from my local host (chalk this up to being inexperienced with these things). When I would click the submit button on the webform, it would then try to access the .asp page inside the virtual directory and I would then receive the HTTP 401.1 error. My assumption at this point is this problem would most likely occur with an html page as well but since I have not set up a virtual directory again to test it, I can't be positive.
You are not authorized to view this page
HTTP 401.2 - Unauthorized: Logon failed due to server configuration
Internet Information Services
Regarding opening up a standard html page using my local host, the answer I think would be no; reviewing my actions, although I created a virtual directory in IIS with both my html and .asp pages, without realizing it I would launch my html page directly from the folder on my local machine i.e. I didn't use my browser to load it from my local host (chalk this up to being inexperienced with these things). When I would click the submit button on the webform, it would then try to access the .asp page inside the virtual directory and I would then receive the HTTP 401.1 error. My assumption at this point is this problem would most likely occur with an html page as well but since I have not set up a virtual directory again to test it, I can't be positive.
have you got the checkbox 'allow anonymous access' enabled?
>> My assumption at this point is this problem would most likely occur with an html page as well but since I have not set up a virtual directory again to test it, I can't be positive.
not necessarily.
>> My assumption at this point is this problem would most likely occur with an html page as well but since I have not set up a virtual directory again to test it, I can't be positive.
not necessarily.
Okay, try this:
Start->Run->cmd
cd \inetpub\wwwroot
cacls *.* > perms.txt
Then post the perms.txt file to the question.
From the logs we are able to hit iisstart.asp and we receive a 302 Redirect which is to be expected so it looks like the anonymous account itself is alright. The cacls output will show us the specific NTFS permissions on the files in the directory.
Dave Dietz
Start->Run->cmd
cd \inetpub\wwwroot
cacls *.* > perms.txt
Then post the perms.txt file to the question.
From the logs we are able to hit iisstart.asp and we receive a 302 Redirect which is to be expected so it looks like the anonymous account itself is alright. The cacls output will show us the specific NTFS permissions on the files in the directory.
Dave Dietz
ASKER
>>have you got the checkbox 'allow anonymous access' enabled?
Yes, see attached screenshot.
>>not necessarily.
If you think determining whether or not an html page will load from the local host is an important factor in resolving this issue, give me the word and I will test it; please specify if you have any particular way you want me to create the virtual directory or I will simply use the IIS wizard.
Login-4.JPG
Yes, see attached screenshot.
>>not necessarily.
If you think determining whether or not an html page will load from the local host is an important factor in resolving this issue, give me the word and I will test it; please specify if you have any particular way you want me to create the virtual directory or I will simply use the IIS wizard.
Login-4.JPG
Hi,
put your local user and password in there (like the one you use to log on to the machine), and then turn on the password synchronisation.
Cheers.
put your local user and password in there (like the one you use to log on to the machine), and then turn on the password synchronisation.
Cheers.
ASKER
Dave - see attached perms.txt
perms.txt
perms.txt
ASKER
meverest:
>> . . . and then turn on the password synchronisation.
Sorry but I don't see anywhere that I can turn on password synchronisation.
>> . . . and then turn on the password synchronisation.
Sorry but I don't see anywhere that I can turn on password synchronisation.
It's right there on your screenshot: "Allow IIS to control Password" ;-)
Cheers!
Cheers!
ASKER
>>It's right there on your screenshot: "Allow IIS to control Password" ;-)
Ok thanks; I would never have guessed that password synch is another way to refer to allowing IIS to control the password.
When I use my account with my name to login and use my password, I get the following:
The website cannot display the page - HTTP 500
Most likely causes:
The website is under maintenance.
The website has a programming error.
Ok thanks; I would never have guessed that password synch is another way to refer to allowing IIS to control the password.
When I use my account with my name to login and use my password, I get the following:
The website cannot display the page - HTTP 500
Most likely causes:
The website is under maintenance.
The website has a programming error.
Hi,
that is a little closer to the right place - at lest we don't have an auth problem any more. What do you see now when you look at http://127.0.0.1
?
Cheers.
that is a little closer to the right place - at lest we don't have an auth problem any more. What do you see now when you look at http://127.0.0.1
?
Cheers.
ASKER
Hello -
I get the same thing: The website cannot display the page; HTTP 500
Thanks.
I get the same thing: The website cannot display the page; HTTP 500
Thanks.
This may be a sign that it is working properly - iisstart.htm will redirect you to localstart.asp when you hit it locally and that page will not work properly without integrated authentication and being accessed with an administrator account.
What happens now if you access /testsite/Arya/add_to_data
Dave Dietz
What happens now if you access /testsite/Arya/add_to_data
Dave Dietz
ASKER
Hi Dave,
I created a new virtual directly with my web pages and from within it (in IIS), I selected my webform (html page), right clicked and selected browse but still received the HTTP 500 error. Did I do this correctly?
Thanks,
Max
I created a new virtual directly with my web pages and from within it (in IIS), I selected my webform (html page), right clicked and selected browse but still received the HTTP 500 error. Did I do this correctly?
Thanks,
Max
ASKER
Ok fyi, instead of browse I chose open on my html form and it opened up fine from within IIS. Unfortunately, when I click the submit button, I get the HTTP 500 error.
Hi,
are you completely up to date with all patches and service packs?
Cheers,
are you completely up to date with all patches and service packs?
Cheers,
ASKER
I ran a check this morning and installed all high priority updates available (4 total, some of which were related to .NET; I now have updates for .NET 1.1 through 3.0 installed) but I'm still receiving the HTTP 500 when I go to submit my form information and it trys to load the .asp page. Again, I'm now accessing my HTML webpage through the IIS interface and the HTML page will display but the .asp still will not run.
Fyi, I have a program that I downloaded from MS called IIS diagnostics/Auth Diagnostics 1.0 but I really don't know how to use it effectively. Would this be of any assistance here? If so, tell me what do.
I can't help but wonder how this bodes for running this simple form/database on another machine. The person I am creating this for has the idea that I should be able to use a USB dongle, plug into his laptop or desktop and then run the form and database. Aside from the all the trouble I'm having with IIS on my computer, wouldn't this necessitate IIS to be configured properly on his machine to be able to do this?
Thanks for the help; I had no idea this would be so difficult! : ^ (
Fyi, I have a program that I downloaded from MS called IIS diagnostics/Auth Diagnostics 1.0 but I really don't know how to use it effectively. Would this be of any assistance here? If so, tell me what do.
I can't help but wonder how this bodes for running this simple form/database on another machine. The person I am creating this for has the idea that I should be able to use a USB dongle, plug into his laptop or desktop and then run the form and database. Aside from the all the trouble I'm having with IIS on my computer, wouldn't this necessitate IIS to be configured properly on his machine to be able to do this?
Thanks for the help; I had no idea this would be so difficult! : ^ (
ASKER
Hello,
Just thought I would check in on this; any idea of what the problem might be and if we are close to a resolution?
Thanks again.
Just thought I would check in on this; any idea of what the problem might be and if we are close to a resolution?
Thanks again.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the update Dave. Wow, what a bummer! I will try your suggestion short of reinstalling XP. Unfortunately, I might not be able to do this until the weekend but once I do it, I will post my results. I guess the only consolation out of this experience is a) I wasn't going crazy b) my trouble shooting before I came to EE was on the right track.
Thanks again for your efforts and I will be in touch once I complete this last step.
Max
Thanks again for your efforts and I will be in touch once I complete this last step.
Max
No worries max,
regards, "MIKE"
(Dave is the other guy ;-)
Cheers.
regards, "MIKE"
(Dave is the other guy ;-)
Cheers.
ASKER
Dave & Mike,
This news might make you laugh: I was girding myself to implement Dave's last suggested resolution when I searched around on the internet and found a freeware product named BabyWebServer. In short, it solved my problem! I can now successfully run webpages using my computer as a local host.
A big thanks to you both for the excellent effort!
max7
This news might make you laugh: I was girding myself to implement Dave's last suggested resolution when I searched around on the internet and found a freeware product named BabyWebServer. In short, it solved my problem! I can now successfully run webpages using my computer as a local host.
A big thanks to you both for the excellent effort!
max7
ASKER
Ok, Mike -- you can slap me twice now. I'm sorry for confusing you with Dave!!! Mea Culpa!
ASKER
Mike and Dave: Thanks again for the help - much appreciated!
try setting the anonymous user to administrator or to your own login credentials.
if this web site is going to be accesible from the internet, it is a good idea to do this only for testing purposes.
Cheers.