Exeternal web site requesting id and password

Posted on 2012-08-17
Last Modified: 2012-08-24
Hello Experts,

I have several web sites that we host on a Windows Server 2003 system with IIS v6.

I recently changed our domain and when doing so messuped the security on our web site.  I then created a local id and password to this server for our web site and entered this into the web site properties | directory security | Authentical and Access control.  This worked.

Fast foward 30 days and it appears the password expired.  I changed the password within the local server and then on the web site properities and everything works.

The settings for the local user are password never expires and user cannot change password.

First, did I miss something in how this should work?  Is there a better way of setting this security.  I figure a local id and password may be more secure for this web server versus using active directory.

I don't want to repeat this problem, any suggestions please.
Question by:tucktech
    LVL 20

    Expert Comment

    by:Radhakrishnan Rajayyan

    Is the issue happened even after set the local user password never expires and user cannot change password?

    Usually if you set these options then it won't keep asking you to change the password, but if it is still asking then there will be a problem.

    Author Comment

    I had already had these options set.  I went and verified but I did not need to change anything.  I am guessing in 30 to 45 days I may have the problem again...

    Author Comment

    Would it be better to use active directory?
    LVL 20

    Accepted Solution


    This seems to be the domain policies are getting applied on to the machine/server?

    Could you perform the steps Start>>Run>>regedit>>Navigate to the following location 1.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and Value name "PasswordExpiryWarning" and data type - REG_DWORD. The Value data - number of days (if the policy applied properly then it should be 0) or set this as 0. Close the registry window.

    Also,if you would like to add a AD user then i would say it's a good idea.

    Author Closing Comment

    Added an AD user to make it controllable as the rest of the network.  I figure I did not want a one off...

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
    In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now