Solved

Assorted 401.x errors when trying to access Localhost

Posted on 2004-04-19
11
2,072 Views
Last Modified: 2007-12-19
I am attempting to create an intranet web site on a brand new server running Windows Server 2003 with IIS6.  When attempting to browse to the default page or Localhost I am receiving a wide variety of Http 401 errors.  I have configured the page for anonymous access using the IWAM_computername account as the user, and have confirmed that the password in both IIS and Active Directory match.  When trying to access the web page I am still required to enter user credentials but nothing that is entered permits access.

I have attempted to run the following commands to ensure that the password is correct in all areas:

cscript.exe :
  \inetpub\adminscripts  adsutil.vbs set w3svc/
wamuserpass ""

cscript.exe :
  \inetpub\adminscripts
    run synciwam.vbs -v

but receive the message, "Error trying to GET the Schema of the property IIS://localhost/Schema/w3svc"

Thanks in advance
0
Comment
Question by:vet716
  • 6
  • 5
11 Comments
 
LVL 17

Accepted Solution

by:
Tacobell777 earned 175 total points
ID: 10865472
it's actually the IUSR_<computername> that you want on there for anonymous access.
0
 
LVL 2

Author Comment

by:vet716
ID: 10868353
I actually have tried both IUSR and IWAM, and get the same results with both.  IUSR is the default so that is the one that I was using first.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10874274
Do you have the IUSR permission correctly applied? It needs access to some files in the windows folder, program files - common files etc. Your best bet on this is to find a document on where the IUSR needs permission, I could tell you some on top of my head but its better to get it from a doco by MS...
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 2

Author Comment

by:vet716
ID: 10888600
IUSR has the appropriate NTFS permissions set (Read & Execute, List Folder Contents and Read) on Inetpub, wwwroot, the default page, and all subwebs.

After deleting IUSR from Active Directory and recreating I am now able to view the page on certain subnets on my network but not others.  Any user on the 10.10.x.x subnet that the server resides on can see the page, certain PCs on the 10.20.x.x subnet can also see the page but most receive an HTTP 400 page, stating that the page can not be found.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10903641
anything in the log file? http 400 page is not a normla page not found, page not found is 404 - have a look at the logs and see if there is anything that might tell you what up.. The web log and the event log.
0
 
LVL 2

Author Comment

by:vet716
ID: 10903878
There is nothing that stands out in the Event Log, but in the web log I found HTTPerr1.log which contains hundreds of lines similar to the following:

2004-04-23 19:41:22 10.10.x.x 2367 10.10.x.a 80 - - - - - Timer_ConnectionIdle  (this was a pc on the local network that could connect)
2004-04-23 20:15:32 10.10.x.x 3003 10.10.x.z 80 HTTP/1.1 OPTIONS / 400 - Hostname  (this was a pc on another network, but still a member of the domain)
2004-04-23 20:43:45 10.20.x.x 1146 10.10.x.z 80 HTTP/1.1 GET /bottleking.htm 400 - Hostname (this was a pc on another network, but still a member of the domain)
2004-04-23 20:55:15 10.10.x.x 1215 10.10.x.z 80 HTTP/1.1 OPTIONS / 400 - Hostname (this was a pc on another network, but still a member of the domain)

The odd thing is the times; all of the times are several hours ahead of the server time, although the time on the workstation is synced to the server.  Also it is displaying 2 ip addresses for the server 10.10.x.a and 10.10.x.z.  The server does have 2 NICs but the web site is configured to the ip address for only one of them (10.10.x.a).  These ip addresses are assigned statically to each network card and are also entered as hosts into DNS on the domain controller.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10904156
The log time is in UTC time I believe, you can sync it with your local machine by going into porperties of logging and there is a setting to tell it to log in local time.

have you tried this

When you get a message like this turn off friendly HTTP error messages in IE. To do this go to Tools -> Internet Options -> Advanced. Uncheck show friendly HTTP error messages. Once you have done this you should get a more detailed message which will point you to the real problem.

You may need to configure your browser to use proxies.

0
 
LVL 2

Author Comment

by:vet716
ID: 10918237
The actual message is "Bad Request (Invalid Hostname)"

We have no proxy server on our network.  In order to configure the browser to use a proxy, would I need to add a proxy or can the web server address be used as the proxy?

I have found a pattern with the computers who can view the page successfully and those who can't.  Every computer on the LAN can see the page, on each WAN only computers that are running Windows 2000 Server can see the page.  Any computer running XP Pro can not.  All of these are using IE6.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10922059
What are the connection settings in Internet Explorer on these machines?  The same as the other machines?
0
 
LVL 2

Author Comment

by:vet716
ID: 10922405
All of the computers have the same connection configuration in IE.

LAN Settings -> All boxes unchecked (Auto detect proxy settings, Use auto config. script and Use a proxy server for your LAN)
0
 
LVL 2

Author Comment

by:vet716
ID: 10950476
This problem has been resolved by adding a DNS Host entry on each of the local computers who could not view the site, pointing to that IP address and Host name for the web site.

Windows -> System32 -> Drivers -> ETC -> Host

Tacobell777 thanks for your help, I wish I had more points that I could award to you.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
powershell - detection of system errors 3 41
Output Caching in IIS 2 35
WebSite Direction 1 54
File upload fails with SSL Certificate 3 24
Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question