You are prompted for a password when you open an Office 2000 document in a browser (225234)



The information in this article applies to:

  • Microsoft Excel 2000
  • Microsoft FrontPage 2000
  • Microsoft PowerPoint 2000
  • Microsoft Word 2000
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0

This article was previously published under Q225234

SYMPTOMS

When you open an Office 2000 document or follow a hyperlink to an Office 2000 document in a Web browser, you may be prompted to enter a password. If you click Cancel or type the user name and password, the document opens as read-only.

NOTE: You may need to type the user name and password multiple times before the document is opened in the Web browser.

CAUSE

These symptoms occur for the following reasons:
  • The Web server is using Windows NT Challenge/Response or Basic authentication, or both.

    -and-
  • Office 2000 documents are opened in a Web browser as read-write.
When you open an Office 97 document or follow a hyperlink to an Office 97 document in a Web browser, you do not experience this behavior. Office 97 documents are opened as read-only in Web browsers.

RESOLUTION

To resolve this problem, obtain Microsoft Office 2000 Service Release 1/1a (SR-1/SR-1a).

To obtain SR-1/SR-1a, click the article number below to view the article in the Microsoft Knowledge Base:

245025 OFF2000: How to Obtain and Install Microsoft Office 2000 Service Release 1/1a (SR-1/SR-1a)

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was corrected in Microsoft Office 2000 SR-1/SR-1a.

MORE INFORMATION

With Windows NT Challenge/Response authentication turned on, most browsers prompt the user for a user name and password, and submit these details with another request for the same resource.

The Windows NT Challenge/Response authentication provides encryption of the user name and password. When a Web user is authenticated using the Windows NT Challenge/Response mechanism, the Web server does not actually receive a copy of the user's password in clear text format. Instead, an encrypted copy of the password is received, which is then passed on to the domain controller for verification. This can cause a problem if there is any ASP logic that requires access to a resource on another Windows NT computer. The remote computer will initially challenge for proof of identification. Because a copy of the user's password is not being sent, the appropriate messages can not be generated.

For more information about Internet server security, please see the following white paper:

Modification Type:MinorLast Reviewed:9/22/2005
Keywords:kbHotfixServer kbQFE kbtshoot kbbug kbfix KB225234