wanabegates
asked on
Authentication Issues in FrontPage 2002
I am in the middle of decomissioning a Win2K IIS server and moving all of the sites to a Windows 2003 server. A few of the sites are using FrontPage. When i move the sites over to the new server, and I configure IIS, all goes as it should. I then extend the Extentions to the site. The problem arrises when I go to setup FrontPage for the site. I go to the administration page and am greeted with a login. I have use the Local Admin account as well as the Domain Admin account and still can not get in.
Am I missing something here? Shouldn't the local admin account always have access to the administration of all sites? At any rate I need to get in and configure at least three sites with the same problem. Each has the same problem.
Am I missing something here? Shouldn't the local admin account always have access to the administration of all sites? At any rate I need to get in and configure at least three sites with the same problem. Each has the same problem.
have you got integrated and/or basic authentication turned on for your webs? if you've only got anonymous the extensions are unable to check your identity (and if anonymous browsing's turned off in server extensions, you won't even be able to look at the site).
ASKER
I have integrated authentication on and anonymous access is enabled
Try turning anonymous access off.
ASKER
OK, did that, got the expected login when hitting the site... can't authenticate.
ASKER
The stranges thing is... I can authenticate into the the sharepoint console but when I go to the Go to Site administration for XXXX authentication fails.. It shouldn't even ask me agian. Not when logged in as an admin
it'll at least wipe out one cause of authentication problems so probably leave it off until this is resolved.
Do initial testing using the local admin - move on to possible domain trust issues after that is sorted out.
Check out where your logfiles are getting stored for the Sharepoint administration site (where you config FP extensions) and have a look at what exactly the 401s are showing up for.
If it's stuff in _vti_bin, etc, then make sure your permissions on c:\program files\common files\microsoft shared\web server extensions aren't corrupted - i.e. they should include admins (FULL) system (FULL) iusr_computername (READ) iwam_computername(at least READ). When you run your webs out of process (medium/high isolation,
the iwam account gets used).
Check the same for c:\winnt\system32 directory
Check also that you have frontpage server extensions listed as ALLOWED in IIS Manager.
Do initial testing using the local admin - move on to possible domain trust issues after that is sorted out.
Check out where your logfiles are getting stored for the Sharepoint administration site (where you config FP extensions) and have a look at what exactly the 401s are showing up for.
If it's stuff in _vti_bin, etc, then make sure your permissions on c:\program files\common files\microsoft shared\web server extensions aren't corrupted - i.e. they should include admins (FULL) system (FULL) iusr_computername (READ) iwam_computername(at least READ). When you run your webs out of process (medium/high isolation,
the iwam account gets used).
Check the same for c:\winnt\system32 directory
Check also that you have frontpage server extensions listed as ALLOWED in IIS Manager.
sorry, missed this, it took so long for me to post the last one :)
> It shouldn't even ask me again. Not when logged in as an admin
It will if the credentials you are using don't work for that web.
Do as suggested for this website instead of the Sharepoint Admin one if that's now ok.
> It shouldn't even ask me again. Not when logged in as an admin
It will if the credentials you are using don't work for that web.
Do as suggested for this website instead of the Sharepoint Admin one if that's now ok.
ASKER
Here is a portion from the log for the web site:
2005-08-17 00:27:54 10.10.1.31 GET /_vti_bin/_vti_adm/fpadmdl
2005-08-17 00:27:54 10.10.1.31 GET /_vti_bin/_vti_adm/fpadmdl
I don't know what I am looking for here...
Front Page Extentions are allowed in the manager
I compared the rest of the directories with what I have on a known good server and all are the same. However, on the working system none of these settings were there:usr_computername (READ) iwam_computername(at least READ)
2005-08-17 00:27:54 10.10.1.31 GET /_vti_bin/_vti_adm/fpadmdl
2005-08-17 00:27:54 10.10.1.31 GET /_vti_bin/_vti_adm/fpadmdl
I don't know what I am looking for here...
Front Page Extentions are allowed in the manager
I compared the rest of the directories with what I have on a known good server and all are the same. However, on the working system none of these settings were there:usr_computername (READ) iwam_computername(at least READ)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry guys.. wasn't trying to abandon the question! I have simply been experiencing some DOS Attacks on some of my servers/routers that have required all of my attention.
Another suggeston was mentioned to me... to use the IIS Migration tool (from IIS 5 to IIS 6). This was supposed to ensure all of the permissions worked on the receiving end as well. Unfortunately this was a no go. I still can not get the sites from the old IIS box to move to the new IIS 6 server. This really shouldn't be so difficult.
I'm going to try the filemon recomendaton in the morning.
Another suggeston was mentioned to me... to use the IIS Migration tool (from IIS 5 to IIS 6). This was supposed to ensure all of the permissions worked on the receiving end as well. Unfortunately this was a no go. I still can not get the sites from the old IIS box to move to the new IIS 6 server. This really shouldn't be so difficult.
I'm going to try the filemon recomendaton in the morning.
ASKER