Anonymous User Password Sync

Anonymous User Password Sync

am 23.10.2007 13:17:44 von Usman Jamil

Hi

In IIS 5 , while creating websites programatically, i set the anonymous pass
sync (Allow iis to control password) property to true, due to which I dont
have to reset the password for anonymous user even if someone changes the
password from user manager under windows. In IIS 6, I repeated the same to
allow IIS to control password for anonymous users. But now I cant find this
property in IIS 7. So far as long as I dont mention username along with the
"password" while setting Anonymous user, the site or virtual directory give
me following error

Error Summary
----------------
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication
headers.

Detailed Error Information
---------------------------
Module IIS Web Core
Notification AuthenticateRequest
Handler StaticFile
Error Code 0x80070005

Requested URL http://oct23domain1.com:80/admin
Physical Path C:\Program Files\Advanced Communications\Hosting Controller
7C\Web
Logon Method Not yet determined
Logon User Not yet determined


Most Likey Causes:
---------------------

No authentication protocol (including anonymous) is selected in IIS.
Only integrated authentication is enabled, and a client browser was used
that does not support integrated authentication.
Integrated authentication is enabled and the request was sent through a
proxy that changed the authentication headers before they reach the Web
server.
The Web server is not configured for anonymous access and a required
authorization header was not received.
The "configuration/system.webServer/authorization" configuration section may
be explicitly denying the user access.


Can someone please tell me how can I avoid giving password for every
anonymous user that I set. I have a scenario where I can't give passwords.

Regards

Usman Jamil

Re: Anonymous User Password Sync

am 23.10.2007 16:49:52 von Ken Schaefer

AFAIK Password sync is deprecated:
http://msdn2.microsoft.com/en-us/library/bb756981.aspx

Cheers
Ken

--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken

"Usman Jamil" wrote in message
news:u9wVYZWFIHA.4880@TK2MSFTNGP03.phx.gbl...
> Hi
>
> In IIS 5 , while creating websites programatically, i set the anonymous
> pass sync (Allow iis to control password) property to true, due to which I
> dont have to reset the password for anonymous user even if someone changes
> the password from user manager under windows. In IIS 6, I repeated the
> same to allow IIS to control password for anonymous users. But now I cant
> find this property in IIS 7. So far as long as I dont mention username
> along with the "password" while setting Anonymous user, the site or
> virtual directory give me following error
>
> Error Summary
> ----------------
> HTTP Error 401.2 - Unauthorized
> You are not authorized to view this page due to invalid authentication
> headers.
>
> Detailed Error Information
> ---------------------------
> Module IIS Web Core
> Notification AuthenticateRequest
> Handler StaticFile
> Error Code 0x80070005
>
> Requested URL http://oct23domain1.com:80/admin
> Physical Path C:\Program Files\Advanced Communications\Hosting
> Controller 7C\Web
> Logon Method Not yet determined
> Logon User Not yet determined
>
>
> Most Likey Causes:
> ---------------------
>
> No authentication protocol (including anonymous) is selected in IIS.
> Only integrated authentication is enabled, and a client browser was used
> that does not support integrated authentication.
> Integrated authentication is enabled and the request was sent through a
> proxy that changed the authentication headers before they reach the Web
> server.
> The Web server is not configured for anonymous access and a required
> authorization header was not received.
> The "configuration/system.webServer/authorization" configuration section
> may be explicitly denying the user access.
>
>
> Can someone please tell me how can I avoid giving password for every
> anonymous user that I set. I have a scenario where I can't give passwords.
>
> Regards
>
> Usman Jamil
>

Re: Anonymous User Password Sync

am 26.10.2007 07:54:15 von Bernard

IIS 7.0 uses built-in IUSR as anonymous account. No more anonymous password
sync issue.
Follow the suggestion and check your IIS 7.0 settings.

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"Usman Jamil" wrote in message
news:u9wVYZWFIHA.4880@TK2MSFTNGP03.phx.gbl...
> Hi
>
> In IIS 5 , while creating websites programatically, i set the anonymous
> pass sync (Allow iis to control password) property to true, due to which I
> dont have to reset the password for anonymous user even if someone changes
> the password from user manager under windows. In IIS 6, I repeated the
> same to allow IIS to control password for anonymous users. But now I cant
> find this property in IIS 7. So far as long as I dont mention username
> along with the "password" while setting Anonymous user, the site or
> virtual directory give me following error
>
> Error Summary
> ----------------
> HTTP Error 401.2 - Unauthorized
> You are not authorized to view this page due to invalid authentication
> headers.
>
> Detailed Error Information
> ---------------------------
> Module IIS Web Core
> Notification AuthenticateRequest
> Handler StaticFile
> Error Code 0x80070005
>
> Requested URL http://oct23domain1.com:80/admin
> Physical Path C:\Program Files\Advanced Communications\Hosting
> Controller 7C\Web
> Logon Method Not yet determined
> Logon User Not yet determined
>
>
> Most Likey Causes:
> ---------------------
>
> No authentication protocol (including anonymous) is selected in IIS.
> Only integrated authentication is enabled, and a client browser was used
> that does not support integrated authentication.
> Integrated authentication is enabled and the request was sent through a
> proxy that changed the authentication headers before they reach the Web
> server.
> The Web server is not configured for anonymous access and a required
> authorization header was not received.
> The "configuration/system.webServer/authorization" configuration section
> may be explicitly denying the user access.
>
>
> Can someone please tell me how can I avoid giving password for every
> anonymous user that I set. I have a scenario where I can't give passwords.
>
> Regards
>
> Usman Jamil
>