asked on

Authentication from root site got pushed down to all child applications in IIS and I'm trying to determine how

A few days ago the authentication settings got changed against all of the applications that are hosted within a single website, and I'm trying to track down what could have caused this. We have a top level website, with about 30 applications under it, each with their own authentication settings. What I found was that the top level settings from the root of the site (Anonymous and WIndows Auth enabled) had been pushed down to everything else. This caused quite a few problems as expected until I manually went in and corrected each one. This happened on 2 different web servers, which are used to load balance the applications.

I know that I didn't go in a change the authentication for everything, so I'm trying to determine how this happened. We did not have IIS Configuration Auditing enabled, so unfortunately that isn't an avenue I can lean on for help.

Any ideas what could have caused this, or things I could look at to investigate?

ASKER CERTIFIED SOLUTION

Owen Rubin

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Tray896

ASKER

That's the thing. Nobody else was on the server that night (or really any time recently) besides myself. And the only thing I had done is copy/paste some updated files to one of the child applications home directories. It's not possible that something in a web.config that was copied to the path of one of the child apps, would be able to modify the authentication to every other app within the website, is it?

Owen Rubin

When you say nobody else was on the server, how are you confirming that? If this was not an accident from you, then someone had to make a change. Well, at least in my experience these things do not usually happen on their own.

I understand why you are concerned. But time to look at some log files (if you can).