Solved

IIS search causes 529/680 errors with advapi

Posted on 2009-07-07
2
1,102 Views
Last Modified: 2012-05-07
Whenever users who aren't admins perform a search upon a given subweb, they get a FrontPage error, and the server gets 529/680 errors in the event log.  The errors look like this:
ogon Failure:
       Reason:            Unknown user name or bad password
       User Name:      IUSR_LATINTRA30006
       Domain:            LATHSQL01
       Logon Type:      8
       Logon Process:      Advapi  
       Authentication Package:      Negotiate
       Workstation Name:      LATHSQL01
       Caller User Name:      LATHSQL01$
       Caller Domain:      LSSC
       Caller Logon ID:      (0x0,0x3E7)
       Caller Process ID:      11440
       Transited Services:      -
       Source Network Address:      -
       Source Port:      -


Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      IUSR_LATINTRA30006
 Source Workstation:      LATHSQL01
 Error Code:      0xC000006A


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I have seen postings about similar errors, but not as they relate to the search in IIS.  I have enabled anonymous access, and I also have Windows authentication enabled.  Changing permissions doesn't solve the issue.  I also reset the anonymous userid's password and provided the new password in the IIS properties page for this subweb.  How do I fix this?  Thanks.
0
Comment
Question by:thomsone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 24807376
Check this page at EventID.net: http://www.eventid.net/display.asp?eventid=529&eventno=1&source=Security&phase=1
Here's a quote from that page, the post is about 1/2 way down:
<<Anonymous (Last update 2/26/2008):

This error was seen on a Windows 2003 standard server running IIS 6.0 when attempting to browse to a new website on the server. The new website was asking for a Windows user ID and password. The error in the event log appeared before a user/password was given or Cancel was clicked.
The anonymous authentication user (IUSR_somename) was already in use by another website on the server, so it did not make sense that it was not working.
MS Article M909887 listed possible causes, one of which was "The wrong user name or password is specified in the IIS Metabase. The IIS metabase is (normally) located at C:\Windows\System32\inetsrv\MetaBase.xml. I compared the AnonymousUserPass string of the existing (working) site and the new (not working) site and they were different.
To modify the MetaBase.xml file the IIS services must be stopped or the "Enable Direct Metabase Edit" option must be enabled in IIS Manager/<server name>/Properties. First, make a copy of the MetaBase.xml file (ex: MetaBase.xml.old), then edit it. Copy the AnonymousUserPass string from the working site to the non-working site. Save the changes and start the IIS services.  >>
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question