kam_uk
asked on
IIS site suddenly asking for username/ password
Hi
I have an IIS Site running on Windows 2003.
Suddenly this morning, some users have been asked for a username/ password to open a web page from it, which never happened before.
Any ideas as to why this is happening? I am not a web person at all, so any help appreciated!
Thanks
I have an IIS Site running on Windows 2003.
Suddenly this morning, some users have been asked for a username/ password to open a web page from it, which never happened before.
Any ideas as to why this is happening? I am not a web person at all, so any help appreciated!
Thanks
ASKER
Hi
Thanks, but this is happening to loads of users...
Thanks, but this is happening to loads of users...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, I'll check this out.
It's possible that our workstations were patches/ had security settings changed. I believe there is an IE setting that asks prompts for logons to new sites, is anyone aware of what it is?
It's possible that our workstations were patches/ had security settings changed. I believe there is an IE setting that asks prompts for logons to new sites, is anyone aware of what it is?
On the client, by default user (integrated) authenication will be passed to the Local Intranet Zone (your internal web server, assuming they are not using a fully qualified name). If you suspect this setting got changed, then you can find it in Internet Options -> Security Tab.
I have had this issue a few times.
Assuming you have anonymous access granted to the website; check which username and password you are using to grant that access. Click on:
"Admin Tools" >> "Internet Information Services Manager" >> and right click on the website in question and select "Properties".
Next navigate to the "Directory Security" tab and click "Edit" on "Anonymous Access and "Auth Control" then click "Edit" again on "Account used for anonymous access".
Ensure the account listed is not expired on the local machine or if it is a domain account ensure it is not locked out or expired in active directory (assuming that is what you would be using). If it is still the default username (IUSR_%hostname%) then you may need to ensure that account is still valid on the system. If somehow that password got changed follow the instruction on this link (http://www.windowsitpro.com/Article/ArticleID/48361/48361.html) to find it. If the account got delete you may need to recreate it. I have had many issues in the past with this popping up because of web site admins not updating the domain account used to authenticate the anonymous login at the time that account's password is updated in active directory as it is required monthly on our network. If you are not using anonymous access your problem is something else entirely.
Assuming you have anonymous access granted to the website; check which username and password you are using to grant that access. Click on:
"Admin Tools" >> "Internet Information Services Manager" >> and right click on the website in question and select "Properties".
Next navigate to the "Directory Security" tab and click "Edit" on "Anonymous Access and "Auth Control" then click "Edit" again on "Account used for anonymous access".
Ensure the account listed is not expired on the local machine or if it is a domain account ensure it is not locked out or expired in active directory (assuming that is what you would be using). If it is still the default username (IUSR_%hostname%) then you may need to ensure that account is still valid on the system. If somehow that password got changed follow the instruction on this link (http://www.windowsitpro.com/Article/ArticleID/48361/48361.html) to find it. If the account got delete you may need to recreate it. I have had many issues in the past with this popping up because of web site admins not updating the domain account used to authenticate the anonymous login at the time that account's password is updated in active directory as it is required monthly on our network. If you are not using anonymous access your problem is something else entirely.
Thank you Adam . i have the same problem , some time small things we miss , i changes the Password for user , and suddenly on client side it was asking for username & password, i assign the new password to the user set for Anonymous Access . everything is normal
Verify that the user does not have the user name and password saved in their user profile. (This is typical the main cause)
Open Control Panel -> User Accounts -> Advanced Tab -> Manage Passwords.
Remove any saved username and password associated with your "server"