[Last Call] Learn how to a build a cloud-first strategyRegister Now


Exeternal web site requesting id and password

Posted on 2012-08-17
Medium Priority
Last Modified: 2012-08-24
Hello Experts,

I have several web sites that we host on a Windows Server 2003 system with IIS v6.

I recently changed our domain and when doing so messuped the security on our web site.  I then created a local id and password to this server for our web site and entered this into the web site properties | directory security | Authentical and Access control.  This worked.

Fast foward 30 days and it appears the password expired.  I changed the password within the local server and then on the web site properities and everything works.

The settings for the local user are password never expires and user cannot change password.

First, did I miss something in how this should work?  Is there a better way of setting this security.  I figure a local id and password may be more secure for this web server versus using active directory.

I don't want to repeat this problem, any suggestions please.
Question by:tucktech
  • 3
  • 2
LVL 24

Expert Comment

by:Radhakrishnan R
ID: 38307868

Is the issue happened even after set the local user password never expires and user cannot change password?

Usually if you set these options then it won't keep asking you to change the password, but if it is still asking then there will be a problem.

Author Comment

ID: 38309942
I had already had these options set.  I went and verified but I did not need to change anything.  I am guessing in 30 to 45 days I may have the problem again...

Author Comment

ID: 38309944
Would it be better to use active directory?
LVL 24

Accepted Solution

Radhakrishnan R earned 1600 total points
ID: 38312094

This seems to be the domain policies are getting applied on to the machine/server?

Could you perform the steps Start>>Run>>regedit>>Navigate to the following location 1.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and Value name "PasswordExpiryWarning" and data type - REG_DWORD. The Value data - number of days (if the policy applied properly then it should be 0) or set this as 0. Close the registry window.

Also,if you would like to add a AD user then i would say it's a good idea.

Author Closing Comment

ID: 38330347
Added an AD user to make it controllable as the rest of the network.  I figure I did not want a one off...

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses
Course of the Month17 days, 22 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question