• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3418
  • Last Modified:

CGI.Auth_User not populated through IIS

I have a ColdFusion application that was working fine until a few days ago.  For some reason it is no longer picking up the NT authentication.  It is installed on IIS.

I get this error message when going to the first page:

"The second parameter (StartPos) of the function RemoveChars(String, StartPos, Count), which is now equal to 1, must be less than or equal to the length of the first parameter (String), which is now equal to and has length of 0  
 
 
The Error Occurred in C:\Inetpub\wwwroot\eTAD\tad.cfm: line 23
 
21 : <p>Username:<cfoutput>#CGI.Auth_User#</cfoutput> - <cfoutput>#dompos#</cfoutput></p>
22 :  
23 : <cfset user=LCase(RemoveChars(CGI.Auth_User, 1, dompos))>
24 :
25 : <!--- <cfoutput>dompos=#dompos#</cfoutput><br> --->"

As you can see in line 21 , I am printing out CGI.Auth_User.  It comes back blank.  In IIS, this application's directory is set to NT Authentication and is NOT set for anonymous.  "dompos" is the position of the first "\" character.  This is used to separate the domain from the user when the Auth_User is being populated properly.

This problem is fairly time-sensitive for me, so any help would be great!
0
edsteele
Asked:
edsteele
  • 3
1 Solution
 
anandkpCommented:
I tried this :<cfoutput>#CGI.Auth_User#</cfoutput> & its outputting a NULL value
hence ur RemoveChars() is throwing up a error !

I'll chk up with my sysadmin & get back to u.
0
 
edsteeleAuthor Commented:
Thank you.  That is exactly what I am seeing!
0
 
jonnygo55Commented:
it sounds like the ntfs permissions for the directory has changed...perhaps allowing too much access...thus your users are not having to login using their nt authenication...so check the directory security itself(not through iis) and see if there is anything fishy there...it should be restricted to admins, IUSR, system, and perhaps ColdFusion service....
0
 
edsteeleAuthor Commented:
The permissions haven't been touched in months.  I double checked them and they look ok.  Administrators have full access and everyone has read access.
0
 
edsteeleAuthor Commented:
I had to turn off anonymous access through IIS.  Once I did that, it worked.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now