XCCC: Disabling Anonymous Access for the Conferencing Internet Information Service Virtual Root (281594)


The information in this article applies to:

  • Microsoft Exchange 2000 Conferencing Server
This article was previously published under Q281594

SUMMARY

By default, the conferencing virtual root that hosts public conferences has the Anonymous, Basic, and Windows Integrated authentication methods enabled. Therefore, an anonymous user can use the Schedule.asp Web page to book multiple meetings and effectively exhaust all conferencing resources without ever being authenticated.

MORE INFORMATION

To prevent unauthenticated users from using the service, disable the Anonymous access method for the virtual root:
  1. Open the Internet Service Manager Microsoft Management Console (MMC) snap-in.
  2. Click to expand the default Web site.
  3. Click the Conferencing object, right-click the Conferencing object, and then click Properties in the shortcut menu.
  4. Click the Directory Security tab, click Anonymous Access and Authentication Control, and then click Edit.
  5. Click to clear the Anonymous check box, and then click OK.
Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbhowto KB281594
©2004 Microsoft Corporation. All rights reserved.