Solved

Web application being stopped by Server 2003 permissions issue

Posted on 2008-10-20
2
190 Views
Last Modified: 2012-05-05
We are having an issue with a newly installed application that uses Pervasive SQL and IIS to run a browser based HR portal for our employees.  The application is installed on a domain server and it uses Active Directory user logins to authenticate the browser logon.   The users access a specific web page (running on our server) and logon as follows:

DomainName\Username and then enter a password.  

Everything works fine as long as the user is a member of the Administrators group.   However, as soon as we remove the user from the Administrators group and make them a member of the domain users group they can no longer log in and they receive a "Login Failed" error.  

The company who designed the HR portal (Municipal Accounting) has tested it thoroughly and stated that it is something on our end.  The evidence that they use to back this up is that they say that they cannot use remote desktop and log on locally as any standard user even if they give the standard user access rights to logon to the server as a remote desktop user.

Therefore, they are saying that since a standard user cannot log on locally to the server as a remote desktop user, we must have permissions issues on our server.

They may be right to some extent, but we certainly should not need to allow users remote access rights to connect to the server.  However, they may be correct in that it appears to me that the web based logon is going to require users to have permissions to logon to the server locally.

This company assures me that the app is working in other places and that the problem is on our end.  If anyone has any ideas it would be greatly appreciated.  
0
Comment
Question by:darcher17
2 Comments
 
LVL 2

Expert Comment

by:SirDragon
ID: 22763993
It does sound like a rights issue.  
What are the rights assigned to IIS?  Have you tried to turn on Anonymous logon?  
or integrated windows authentication?

Is this server a domain controller?  
What are the rights for interactive logon to the server?  
I am sorry for all the questions, but it's hard to weed through without a visual.  
0
 

Accepted Solution

by:
darcher17 earned 0 total points
ID: 22764490
I actually resolved this one myself.  I am not really happy about the way their software works, but it appears that I have to give users the right to logon locally.  

So I added the users to a specific group and then gave this group the right to "Log on Locally" through the Domain Controller Security Policy.  

Thanks for the help!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now