Solved

Web application being stopped by Server 2003 permissions issue

Posted on 2008-10-20
2
193 Views
Last Modified: 2012-05-05
We are having an issue with a newly installed application that uses Pervasive SQL and IIS to run a browser based HR portal for our employees.  The application is installed on a domain server and it uses Active Directory user logins to authenticate the browser logon.   The users access a specific web page (running on our server) and logon as follows:

DomainName\Username and then enter a password.  

Everything works fine as long as the user is a member of the Administrators group.   However, as soon as we remove the user from the Administrators group and make them a member of the domain users group they can no longer log in and they receive a "Login Failed" error.  

The company who designed the HR portal (Municipal Accounting) has tested it thoroughly and stated that it is something on our end.  The evidence that they use to back this up is that they say that they cannot use remote desktop and log on locally as any standard user even if they give the standard user access rights to logon to the server as a remote desktop user.

Therefore, they are saying that since a standard user cannot log on locally to the server as a remote desktop user, we must have permissions issues on our server.

They may be right to some extent, but we certainly should not need to allow users remote access rights to connect to the server.  However, they may be correct in that it appears to me that the web based logon is going to require users to have permissions to logon to the server locally.

This company assures me that the app is working in other places and that the problem is on our end.  If anyone has any ideas it would be greatly appreciated.  
0
Comment
Question by:darcher17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Expert Comment

by:SirDragon
ID: 22763993
It does sound like a rights issue.  
What are the rights assigned to IIS?  Have you tried to turn on Anonymous logon?  
or integrated windows authentication?

Is this server a domain controller?  
What are the rights for interactive logon to the server?  
I am sorry for all the questions, but it's hard to weed through without a visual.  
0
 

Accepted Solution

by:
darcher17 earned 0 total points
ID: 22764490
I actually resolved this one myself.  I am not really happy about the way their software works, but it appears that I have to give users the right to logon locally.  

So I added the users to a specific group and then gave this group the right to "Log on Locally" through the Domain Controller Security Policy.  

Thanks for the help!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question