Hello:

IIS7 includes support for FTPS (FTP over SSL), but IE7 doesn't support FTPS.
Will IE8? Will there be a command-line FTPS client too?

Thanks,
RT

Hello:

I have URLSCAN 3.0 installed on a 32-bit Win2003+SP2 IIS server, and if the
URLSCAN.INI file includes the following:

[RequestLimits]
; Max-Content-Type=100
MaxAllowedContentLength=30000000
MaxUrl=260
MaxQueryString=100

Then it works fine, but if I uncomment the Max-Content-Type line (or add any
other Max-* request header lines) then URLSCAN rejects every single request
with an "Invalid index" error message in the returned in HTML, and does so
without logging anything to the URLSCAN.LOG file either.

Thanks,
RT

Hello,

I'm getting a warning message recorded in my servers application event
log every now and then (application on start or session on start). The
error is "The account that the current worker process is running under
does not have SeTcbPrivilege privilege, the anonymous password sync
feature and the Digest authentication feature are disabled.". This has
been commented on numerous time including the Microsoft KB article
899300. All of these imply that the current account the service is
running as doesn't have the necessary permissions it requires to
perform the tasks it's being asked to do.

Before I go any further, here's my setup: Windows 2003 R2 server
running a number of web sites under IIS6. The web sites use
impersonation and intergrated windows authentication. Anonymous
authentication is turned off. The web sites are running in application
pools using the NETWORK SERVICE account (negated because of
impersonation). I've checked the metabase.xml file for
AnonymousPasswordSync and UseDigestSSP and neither appear anywhere in
it.

I set up an SSL Certificate for my website. All works fine when the
site is accessed via www.mysite.com.

The problem is that there are many internal users and I don't want
them to have to go out to the internet to access the site. They
access the site with http://servername. This causes the error "name
on the security certificate is invalid".

What's the best solution for supporting both internal and external
customers?

More info:
1. For the internal users, the connection doesn't necessarily need to
be encrypted
2. On the website, I have "require ssl" checked (in IIS). Then, I
use a custom error page to redirect people...

OK, I did a bonehead move. I ran the Check Frontpage Extensions on one of my
websites. I checked everything. Now, my website comes up with a Windows
login box everytime someone tries to access it. I checked the settings and
Enable Anonymous Access is checked, but so is use Windows Integrated
Authentication. When I un-checked that, I was unable to access the site at
all. I comapred the settings, including permissions, to a site that is still
working and they seem to be identical. What did I do here and how do I undo
it? IIS6/W2k3 Server.

Hi,

I need to be able to have an ISAPI extension running under IIS7 interact
with the desktop on my develoment computer and show a dialog box. I can do
that in IIS5 (XP) but the same call to ::MessageBox does not show anything
under Vista and IIS7.

Thanks for any help,

G.

Hi,

We are seeing a problem with our ASP web application when running on Windows
2008 server under IIS7 when it is accessed locally using IE7 in protected
mode.

The problem occurs if, and only if, the following three factors are present:
IE is run on the same machine as the IIS webserver
IE is in protected mode (which implies that UAC is on)
IE uses basic authentication to the IIS webserver

If you provide the same user credentials without one of the above factors in
play then the application works correctly.

The ASP pages use a number of in-proc COM objects that fail to get access to
our named mutexes & other system objects, and fail to be able to CoCreate our
out-of-proc COM objects that are served by executables that are pre launched
by one of our Windows services.

It appears to me that the IIS process/thread that is running the ASP page is
somehow inheriting the _low_ process integrity level of the protected mode IE
process.
Why should the mode in which IE is running affect the IIS process or thread
in this way, and only do it when run locally?

IIS 6 on Win 2k3
IE 6+ on XP Pro SP2

Hi, I'm logging on to the OS as userX (username / pw) then starting IE
as userY on a smart card via
createprocesswithlogonw to attempt Integrated Windows Authentication
to a website.

The userid is the string version of the cert, the passwd is the PIN
and there is no domain.
IE starts fine. TaskMgr shows it running as the correct user.
I then navigate to an IWA web site. IE prompts me for credentials.
I've tried setting IE to automatically logon or logon with un and pw
via options in multiple sites. None alleviate the issue.

If I start IE with runas via un / pw it can IWA me just fine.
If I logon to OS with smart card and run IE as that OS logged on user
IWA works fine.

Can anyone tell me what I need to do to get the smard card credential
invocation of IE via createprocesswithlogonw to work correctly?

Thanks.

Should the default web site be stopped? In our enviornment we monitor IIS
with System Center Operations Manager and it reports any web sites that are
stopped. Our IIS admins stop all default web sites and this creates a lot of
alerts in OpsMgr.

Does anyone else do this, stop all default web sites? Is this a security
concern?

Thanks

Hello:

I am setting up a site on my IIS 6 server which will redirect to a URL on
another web server. I created the site and on the "Home Directory" tab
selected "A redirect to a URL" entered the URL and then checked "The exact
URL entered above". That should be all I have to do. When I try and hit
the site it just times out. I am not sure what I could be doing wrong.

Does anyone have any ideas?

Harrison Midkiff