IIS 6.0 / Windows Server 2003 / access based on domain

I'm working on a simple file sharing website for my company. We want
all of our stores to be able to access the website, but only those
stores.

Each store uses a dynamic domain name (kind of like dyndns.org but a
commercial one, which pegs its dns name down to for example:

store1.commercialdns.com
store2.commercialdns.com

etc...

Long and short of it, I configured the site initially (earlier in the
day) that it can be accessed by domains I listed before
(store1.commercialdns.com etc...). It worked. They could get in
fine, I was able to look around and everything worked.

Well, I'm working on the thing now and for whatever reason it seems
the dns resolution isn't happening from the server. If I plug in a
store's IP address, bang zap they can get into the site. If I use
domain based security, no go. I went so far as to even hard code the
DNS on the server just in case it wasn't resolving. Still no dice. I
keep getting 403 errors unless I use the IP instead of the DNS info.

I attempted a traceroute to the dynamic domain names and verified it
makes it to each store.

Can anyone think of any reason this would've worked earlier in the day
and is not working now?

I'm a little baffled. Event logs and WWW logs are not enlightening.

Re: IIS 6.0 / Windows Server 2003 / access based on domain

On Aug 22, 5:59 pm, Nick Dangr wrote:
> I'm working on a simple file sharing website for my company. We want
> all of our stores to be able to access the website, but only those
> stores.
>
> Each store uses a dynamic domain name (kind of like dyndns.org but a
> commercial one, which pegs its dns name down to for example:
>
> store1.commercialdns.com
> store2.commercialdns.com
>
> etc...
>
> Long and short of it, I configured the site initially (earlier in the
> day) that it can be accessed by domains I listed before
> (store1.commercialdns.com etc...). It worked. They could get in
> fine, I was able to look around and everything worked.
>
> Well, I'm working on the thing now and for whatever reason it seems
> the dns resolution isn't happening from the server. If I plug in a
> store's IP address, bang zap they can get into the site. If I use
> domain based security, no go. I went so far as to even hard code the
> DNS on the server just in case it wasn't resolving. Still no dice. I
> keep getting 403 errors unless I use the IP instead of the DNS info.
>
> I attempted a traceroute to the dynamic domain names and verified it
> makes it to each store.
>
> Can anyone think of any reason this would've worked earlier in the day
> and is not working now?
>
> I'm a little baffled. Event logs and WWW logs are not enlightening.


What protocol are you using to access the "simple websharing website"?
Is it plain HTTP, WebDAV, or some other proprietary protocol?

Because assuming networking can connect between the client and store
based on DNS name, the next thing to check is the protocol used to
communicate and then the code implementing that protocol and finally
any logs from that code to troubleshoot.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//

Re: IIS 6.0 / Windows Server 2003 / access based on domain

On Aug 26, 4:43 am, David Wang wrote:
> On Aug 22, 5:59 pm, Nick Dangr wrote:
>
>
>
> > I'm working on a simple file sharing website for my company. We want
> > all of our stores to be able to access the website, but only those
> > stores.
>
> > Each store uses a dynamic domain name (kind of like dyndns.org but a
> > commercial one, which pegs its dns name down to for example:
>
> > store1.commercialdns.com
> > store2.commercialdns.com
>
> > etc...
>
> > Long and short of it, I configured the site initially (earlier in the
> > day) that it can be accessed by domains I listed before
> > (store1.commercialdns.com etc...). It worked. They could get in
> > fine, I was able to look around and everything worked.
>
> > Well, I'm working on the thing now and for whatever reason it seems
> > the dns resolution isn't happening from the server. If I plug in a
> > store's IP address, bang zap they can get into the site. If I use
> > domain based security, no go. I went so far as to even hard code the
> > DNS on the server just in case it wasn't resolving. Still no dice. I
> > keep getting 403 errors unless I use the IP instead of the DNS info.
>
> > I attempted a traceroute to the dynamic domain names and verified it
> > makes it to each store.
>
> > Can anyone think of any reason this would've worked earlier in the day
> > and is not working now?
>
> > I'm a little baffled. Event logs and WWW logs are not enlightening.
>
> What protocol are you using to access the "simple websharing website"?
> Is it plain HTTP, WebDAV, or some other proprietary protocol?
>
> Because assuming networking can connect between the client and store
> based on DNS name, the next thing to check is the protocol used to
> communicate and then the code implementing that protocol and finally
> any logs from that code to troubleshoot.
>
> //Davidhttp://w3-4u.blogspot.comhttp://blogs.msdn.com/David. Wang
> //

Actually its plain old HTTP through a Windows 2003 RC1 server. I was
working with security for the server, so that only the IPs from the
stores could connect. Seems like the server is able to resolve their
names/IPs without a problem. They access the site correctly when I
enter their IP addresses. If I use their domain names, however, it
won't let them in. Almost like it resolves the name to an IP but
ignores it when they're attempting to access it from the outside.

Right now I'm using hard coded IP addresses, which works, but if they
ever change IPs, we're going to have to modify the info on the server.

Thanks for the reply!

ben