You may receive a "The function requested is not supported" error message when you try to connect to a Web site that is hosted on IIS (903071)


The information in this article applies to:

  • Microsoft Internet Information Services version 6.0, when used with:
    • Microsoft Windows Server 2003, Standard Edition
    • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Internet Information Services version 5.1, when used with:
    • Microsoft Windows XP Professional
  • Microsoft Internet Information Services 5.0, when used with:
    • Microsoft Windows 2000 Server
    • Microsoft Windows 2000 Professional
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

When you try to connect to a Web site that is hosted on Microsoft Internet Information Services 6.0, Microsoft Internet Information Services 5.1, or Microsoft Internet Information Services 5.0, you may receive an error message that is similar to the following:
Error 500: The function requested is not supported.
Additionally, you may receive entries that are similar to the following in the Extended W3C log:
18:59:54 127.0.0.1 GET /localstart.asp 500 2148074242
Note The W3C Extended logs are located in the C:\WINDOWS\system32\Logfiles\.

CAUSE

This problem occurs if the following conditions are true:
  • The Web site is configured to use Windows Integrated authentication.
  • A strict security template has been applied to the Web server that prevents client computers that are running Microsoft Windows 2000 or earlier versions from authenticating as expected.

RESOLUTION

Determine whether a custom security template or a nondefault security template was applied to the Web server

To determine whether a custom security template or a nondefault security template was applied to the Web server, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. In the right-pane, verify that the Value data for the NTLMMinServerSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
  4. In the right-pane, verify that the Value data for the NTLMMinClientSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
  5. Quit Registry Editor.


If a custom security template or a nondefault security template was applied to the Web server, use one of the following methods to resolve this issue.

Method 1: Use the Secedit.exe utility to reset the default template

To use the Secedit.exe utility to reset the default template, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose, and then press Enter.

    Note You can ignore the warning that some files in the configuration are not found on the system.
  3. Locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  4. In the right-pane, verify that the Value data for the NTLMMinServerSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
  5. In the right-pane, verify that the Value data for the NTLMMinClientSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.

Method 2: Use Registry Editor to reset the default security template

To change the registry to reset the default security template, follow these steps.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. In the right-pane, right-click NTLMMinServerSec, and then click Modify.
  4. In the Value data box, type 0 to replace the existing value, and then click OK.
  5. In the right-pane, right-click NTLMMinClientSec, and then click Modify.
  6. In the Value data box, type 0 to replace the existing value, and then click OK.
  7. Quit Registry Editor.

MORE INFORMATION

For more information about how to reset default security settings in Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:

313222 How to reset security settings back to the defaults

Modification Type:MajorLast Reviewed:3/28/2006
Keywords:kbtshoot kbprb KB903071 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.