Solved

Assorted 401.x errors when trying to access Localhost

Posted on 2004-04-19
11
2,074 Views
Last Modified: 2007-12-19
I am attempting to create an intranet web site on a brand new server running Windows Server 2003 with IIS6.  When attempting to browse to the default page or Localhost I am receiving a wide variety of Http 401 errors.  I have configured the page for anonymous access using the IWAM_computername account as the user, and have confirmed that the password in both IIS and Active Directory match.  When trying to access the web page I am still required to enter user credentials but nothing that is entered permits access.

I have attempted to run the following commands to ensure that the password is correct in all areas:

cscript.exe :
  \inetpub\adminscripts  adsutil.vbs set w3svc/
wamuserpass ""

cscript.exe :
  \inetpub\adminscripts
    run synciwam.vbs -v

but receive the message, "Error trying to GET the Schema of the property IIS://localhost/Schema/w3svc"

Thanks in advance
0
Comment
Question by:vet716
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 17

Accepted Solution

by:
Tacobell777 earned 175 total points
ID: 10865472
it's actually the IUSR_<computername> that you want on there for anonymous access.
0
 
LVL 2

Author Comment

by:vet716
ID: 10868353
I actually have tried both IUSR and IWAM, and get the same results with both.  IUSR is the default so that is the one that I was using first.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10874274
Do you have the IUSR permission correctly applied? It needs access to some files in the windows folder, program files - common files etc. Your best bet on this is to find a document on where the IUSR needs permission, I could tell you some on top of my head but its better to get it from a doco by MS...
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 2

Author Comment

by:vet716
ID: 10888600
IUSR has the appropriate NTFS permissions set (Read & Execute, List Folder Contents and Read) on Inetpub, wwwroot, the default page, and all subwebs.

After deleting IUSR from Active Directory and recreating I am now able to view the page on certain subnets on my network but not others.  Any user on the 10.10.x.x subnet that the server resides on can see the page, certain PCs on the 10.20.x.x subnet can also see the page but most receive an HTTP 400 page, stating that the page can not be found.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10903641
anything in the log file? http 400 page is not a normla page not found, page not found is 404 - have a look at the logs and see if there is anything that might tell you what up.. The web log and the event log.
0
 
LVL 2

Author Comment

by:vet716
ID: 10903878
There is nothing that stands out in the Event Log, but in the web log I found HTTPerr1.log which contains hundreds of lines similar to the following:

2004-04-23 19:41:22 10.10.x.x 2367 10.10.x.a 80 - - - - - Timer_ConnectionIdle  (this was a pc on the local network that could connect)
2004-04-23 20:15:32 10.10.x.x 3003 10.10.x.z 80 HTTP/1.1 OPTIONS / 400 - Hostname  (this was a pc on another network, but still a member of the domain)
2004-04-23 20:43:45 10.20.x.x 1146 10.10.x.z 80 HTTP/1.1 GET /bottleking.htm 400 - Hostname (this was a pc on another network, but still a member of the domain)
2004-04-23 20:55:15 10.10.x.x 1215 10.10.x.z 80 HTTP/1.1 OPTIONS / 400 - Hostname (this was a pc on another network, but still a member of the domain)

The odd thing is the times; all of the times are several hours ahead of the server time, although the time on the workstation is synced to the server.  Also it is displaying 2 ip addresses for the server 10.10.x.a and 10.10.x.z.  The server does have 2 NICs but the web site is configured to the ip address for only one of them (10.10.x.a).  These ip addresses are assigned statically to each network card and are also entered as hosts into DNS on the domain controller.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10904156
The log time is in UTC time I believe, you can sync it with your local machine by going into porperties of logging and there is a setting to tell it to log in local time.

have you tried this

When you get a message like this turn off friendly HTTP error messages in IE. To do this go to Tools -> Internet Options -> Advanced. Uncheck show friendly HTTP error messages. Once you have done this you should get a more detailed message which will point you to the real problem.

You may need to configure your browser to use proxies.

0
 
LVL 2

Author Comment

by:vet716
ID: 10918237
The actual message is "Bad Request (Invalid Hostname)"

We have no proxy server on our network.  In order to configure the browser to use a proxy, would I need to add a proxy or can the web server address be used as the proxy?

I have found a pattern with the computers who can view the page successfully and those who can't.  Every computer on the LAN can see the page, on each WAN only computers that are running Windows 2000 Server can see the page.  Any computer running XP Pro can not.  All of these are using IE6.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10922059
What are the connection settings in Internet Explorer on these machines?  The same as the other machines?
0
 
LVL 2

Author Comment

by:vet716
ID: 10922405
All of the computers have the same connection configuration in IE.

LAN Settings -> All boxes unchecked (Auto detect proxy settings, Use auto config. script and Use a proxy server for your LAN)
0
 
LVL 2

Author Comment

by:vet716
ID: 10950476
This problem has been resolved by adding a DNS Host entry on each of the local computers who could not view the site, pointing to that IP address and Host name for the web site.

Windows -> System32 -> Drivers -> ETC -> Host

Tacobell777 thanks for your help, I wish I had more points that I could award to you.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question