FP2002: Cannot Log On to Web Site As a Newly Added User (292643)


The information in this article applies to:

  • FrontPage 2002 Server Extensions from Microsoft
  • SharePoint Team Services from Microsoft
  • Microsoft FrontPage 2002
This article was previously published under Q292643

SYMPTOMS

After you add a user to a Security Group of a SharePoint Team Web site or FrontPage 2002 Web Site, you cannot log on to the Web site as that user.

CAUSE

This behavior occurs in the following situation:
  • You configure the Web site directory security to use Basic Authentication.

    -and-
  • You add a new user to one of the following Security Groups for the FrontPage Server Extensions or SharePoint Team Services

    OWS_NUMBER_admin
    OWS_NUMBER_advauthor
    OWS_NUMBER_author
    OWS_NUMBER_browser
    OWS_NUMBER_collab

    where NUMBER is a unique identifier that is generated from the name of the of the Web site.
You cannot log on to the Web site because the Microsoft Internet Information Service (IIS) Basic Authentication password cache has not been "refreshed" to include the newly added user.

RESOLUTION

To resolve this behavior, change the delay settings that are used by IIS when updating the cache. For additional information about how to change the delay before user tokens are updated in Microsoft Internet Information Services, click the article number below to view the article in the Microsoft Knowledge Base:

152526 Changing the Default Interval for User Tokens in IIS

WORKAROUND

To work around this behavior, stop and then restart all of the IIS services. This will manually update the IIS cache.

For more information about how to restart services, search for the word "Services" in Microsoft Windows Help.

MORE INFORMATION

When you use Basic Authentication, the user supplies an unencrypted (plain text) user name and password to the IIS server computer. The Web server stores this information in a memory cache and creates a session for the user with the same credentials as the corresponding Microsoft Windows NT account.

The IIS server stores this cached account information for up to two hours but with a minimum time of fifteen minutes (idle lifetime).

For this reason, when you add a user account to one of the Web site security groups, you may have to wait for up to fifteen minutes before the IIS cache refreshes and can authenticate the changes. These cache settings are stored in the Windows registry. To view these settings, click the article number that is referenced in the "Resolution" section of this article.
Modification Type:MajorLast Reviewed:6/30/2004
Keywords:kbnofix kbprb KB292643
©2004 Microsoft Corporation. All rights reserved.