Users cannot access FTP or Web site (185377)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
This article was previously published under Q185377 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: SYMPTOMS
Users cannot open an FTP or Web site.
Note A sampling of specific error messages you may receive is listed in
the "More Information" section.CAUSE
User rights in Microsoft Windows NT User Manager or the in Internet Service Manager
(ISM) are not correctly set up.WORKAROUND
The information in this "Workaround" section about troubleshooting User
Rights and Basic Authentication was taken from
the Microsoft Windows NT Option Pack online Product Documentation.
Note To view this whole topic, open the following in the product
documentation's table of contents:
- Microsoft Internet Information Server
- IIS Installation
- Troubleshooting
User rights
If a user is having trouble viewing your published files (that is, he or
she is receiving HTTP "403; Forbidden" or similar HTTP errors when
attempting to request a Web page), then there is most likely a problem
related to the user rights that are configured on your Web site. In order
to give users access to your published files, check the following items.
- Find the specific file, directory, or virtual directory which the user
cannot access in Internet Service Manager.
- View the properties for that file, directory, or virtual directory.
- Select the File property sheet (if viewing properties of a file) or
Directory property sheet (if viewing the properties of a directory or
virtual directory). Ensure that the directory or file has Read access
permissions (the Read check box should be selected).
- Select the File Security or Directory Security property sheet.
- Ensure that the user has either anonymous access, basic authentication
permissions, or Windows NT Challenge/Response permissions that will
allow him or her to view the content by clicking the Edit button in the
Anonymous Access and Authentication Control field.
- Click the Edit button in the TCP/IP and Domain Name Restrictions field
to ensure that the client's computer, group of computers, or domain
name has not been restricted from accessing your resource.
Basic Authentication
If users with Basic Authentication rights are having trouble accessing
your site, please check the following.
Ensure that the login user has Log on locally rights in Windows NT User
Manager for Domains:
- Click Start, point to Programs, point to Administrative Tools (Common), and then click User Manager for Domains.
- In User Manager, select User Rights in the Policies menu.
- Choose the right Log On Locally and make sure IUSR_ (or your anonymous
account) shows up in the list.
Make sure that you specify a Default Logon Domain for the user. In the
Authentication Methods dialog box, click Edit in the Basic Authentication
field and enter the Domain Name.
If you are concerned about the safety of transmitting passwords in clear
text (an industry standard that applies to Basic Authentication), use
Secure Sockets Layer (SSL) to secure clear text passwords. You can
configure SSL Client authentication by launching the Secure Communications
dialog box from the Directory Security or File Security property sheet.
Use Key Manager to create Key requests and the Secure Communications
dialog box to enable an SSL Authentication scheme.
| Modification Type: | Major | Last Reviewed: | 3/31/2006 |
|---|
| Keywords: | kbpending kbprb KB185377 |
|---|
|