IIS Server Security, IUSR Lockout

microsoft.public.inetserver.iis.security - About IIS Web Server Security Issues


IIS Server Security >> IUSR Lockout

by Ken Goncalves » Thu, 07 Aug 2003 03:57:55 GMT

Any chance this happend after doing a recent update?

I have suddenlt gotten this problem on an NT4 after doing
an update:

Can't guarantee it but it looks like the last security
patch to my old
> > NT4 has knocked out FTP and HTTP functions.
> >
> > Basically the IUSR_computername setup that allows
anonymous
> > connections no longer works. Every time I open up the
properties for
> > each service, the user-name is gone. When I click ANY
other tab I get
> > a prompt to enter one. I do so and when I close the
window and reopen
> > it the same thing happens.
> >
> > (Note: following tests were done with FTP as I
couldn't figure out how
> > to quickly so the same for the HTTP service. Problem
happens in
> > properties window of BOTH services...)
> >
> > As a HA-HA test, I allowed non-anonymous connections
and successfully
> > logged in as IUSR_myservername using a new password.
I then (per help)
> > re-entered the IUSR_blahblah and new password and had
the same
> > problem.
> >
> > So the service works, but does NOT allow anonymous
connection no
> > matter what I do.


>-----Original Message-----
>Using Win2003 Server with IIS6.0, I seem unable to UN-
Lockout the IUSR
>account. Any hints would be appreciated. (I am using
administrator
>priveledges on the server.
>JT
>
>
>.
>

Top

IIS Server Security >> IUSR Lockout

by John Thayer » Thu, 07 Aug 2003 20:58:06 GMT


Ken,
I recently found a Knowledge Base Article about this issue that may help us.
It is KB 332167, "How to Configure IIS to Control the Anonymous Password"
JT
"Ken Goncalves" < XXXX@XXXXX.COM > wrote in





Top

IIS Server Security >> IUSR Lockout

by kjg_it » Wed, 13 Aug 2003 01:38:32 GMT

John;

Tried to access KB 332167 and only got "The Knowledge Base (KB)
Article You Requested Is Currently Not Available". didn't happen to
save a copy locally did you???

Ken




Top

IUSR Lockout

by kjg_it » Wed, 13 Aug 2003 01:39:42 GMT

Sorry - got it this time!

Reading it now.....




Top

IUSR Lockout

by kjg_it » Thu, 21 Aug 2003 02:41:51 GMT

So in my case the fix was bizarre....

I went back to windowsupdate and there was still an item for Outlook
express 5x that needed to be done (which I had tried to do before).

Since I have outlook 6, I looked down through the list and found SP1
for Internet Explorer and ran it. It was from June 16th, but since
Outlook and Outllok express is not used on this machine I had never
cared about looking for it. This time I did it..

Once back at Windowsupdate I had a group of new patches, when run and
done POOF! http and FTP were back and the IUSR_<computername> had not
only begun holding info again, it had self completed.






Top
Similar Threads

1. IWAM_9servername) account lockout

2. User account lockout

3. Internet Guest Account Lockout 

Hi,

For some reason, the Internet Guest Account (<server name>_ANON) is kept g
getting locked out. I do see failure logon request from security log, but I 
can't
figure out which application or what kind of request caused it. Does anyone 
have
any idea how to trace down the problem, such as any tool to track which 
application
locked it out?

Thanks.

4. Account Lockouts in IIS?

5. IIS 6.0 and COM lockout 

BACKGROUND
I have an web based application that is using ASP, SOAP and COM Objects that 
reside on a web Server.
These COM objects are used to perform LIST/ADD/EDIT/DELETE items from a 
database on another Server.
The SOAP technology is used by creating a SOAP object on the ASP page and 
initiating it with a SOAP WSDL file, from which the API calls are executed.
The Web Server is Windows 2003 and using IIS 6.0

ISSUE:
The web based application functions correctly all day until approx 4.00pm of 
the working day. (Working day: 9.00 - 5.00, Mon - Fri)
At this point, none of my COM objects will operate and the API calls are not 
being sent to the Server.
The Web Application will display all other pages that do not use these COM 
objects and these pages will function correctly.
I created a test Application on the Web Server machine to test the COM API's 
which reside on the Web Server (therefore I am not using IIS to execute the 
API) and it worked successfully. This verified that the COM API's are 
functioning and the calls are executed to the DB on another Server.
If I perform an iisreset before the issue occurs at approx 4.00 pm, then the 
issue does not occur that day.
This issue does not occur over the weekend when the Application is not in use.
If I perform an iisreset, then the Application starts working correctly again.
If I wait approx 2 - 2 1/2 hours, then the Application starts working 
correctly again.

QUESTION:
Is there anyone aware of any issue or configuration setting with IIS 6.0 
that would cause this behaviour?
Is there any logging that I could perfrom on IIS to log any issues with my 
IIS processes?
Do you know of any other issue, outside of IIS, that may cause this behaviour?

6. IIS lockout problem

7. account lockout 

I had an account lockout that the actual user did not cause. I am assuming a
likely cause is someone else trying to login via Outlook web access / IIS
from the outside.

1) is there any other reason an account could get locked out beside failed
login attempts?
2) Where can I get good info on interpretting the IIS log files to
investigate this? nothing was reported in event viewer as a failed login
attempt.

any info is appreciated,
thanks.

8. Account Lockouts from IIS? - IIS Server Security