Hi, having stupid problems with a newly created web on windows server
2003 / IIS6.0.
Essential question for this post: How can I allow anon access to VPN
client browsers? Read on...
The web is currently the only web site on the server. I have enabled
anon access, and used the default IUSR_... account for this. As it
happens I have also left checked the 'Integrated Windows Authentication'
access box.
I have ensured that the IUSR_... account on the local machine also has
the correct NTFS file system permissions on the directory and
sub-folders/files for the web resource files (i.e. the ASP and HTML
pages). The NTFS permissions are 'Read & Execute', 'List Folder
Contents' and 'Read'. I have checked that there are no other special
Deny permissions set as well.
I connect to the box via a Nortel VPN client, other users will do the
same I believe. They may also be part of a sub-domain, but I haven't
really been told.
Once VPN'd in I browse to the root of the web from my PC, but a login
dialog appears. Why does the dialog appear when I have anon acess
enabled? Obviously when I browse to the web locally from the server it
comes up no problems.
Anyway, two variations here:
1. I log in using a local domain account for the server,
2. I don't log in (Cancel the dialog).
When I do #1 I get through. But why do I need to authenticate when anon
access is allowed?
When I do #2 I get 403-3 - Unauthorised due to ACL on Resource. Why? The
NTFS permissions are set for the anon user (IUSR_...) to allow read etc.
If I go back to inetmgr and UN-check the 'Integrated Windows
Authentication' access box, then browse the web I immediately get a
403-1 http Error. Why? I have anon access enabled!
I really don't understand what I'm doing, but I guess you realise that
by now
I hope I've given all the info required. Any more just ask.
Ben
FAQ
Profile
Private Messages
Log in
