473,320 Members | 1,724 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

401.3 ACL error

Fox
Hi

I do not run a domain or Active Directory.
I am on IIS 5.0 on Windows 2000 server.
When I secure a folder and its files I
am having a problem getting the new
user to be able to access it. The IIS
security tab has Anonymous unchecked.
The other two boxes are checked.
I have tried also with only the clear
text authentication checked.
I have tried that user with having all
the way up to FULL permissions, without
it working.

I get a 401.3 error.

However, If I allow IUSR/Machine or add the
new user (temporarily) to Administrators group,
it works fine.

Am I forgetting something or could something
have happened to screw up my security management?

Regards,
Fox
Jul 19 '05 #1
5 4215
"Fox" <fox @ connexions .net> wrote in message
news:u3**************@TK2MSFTNGP12.phx.gbl...
Hi

I do not run a domain or Active Directory.
I am on IIS 5.0 on Windows 2000 server.
When I secure a folder and its files I
am having a problem getting the new
user to be able to access it. The IIS
security tab has Anonymous unchecked.
The other two boxes are checked.
I have tried also with only the clear
text authentication checked.
I have tried that user with having all
the way up to FULL permissions, without
it working.

I get a 401.3 error.

However, If I allow IUSR/Machine or add the
new user (temporarily) to Administrators group,
it works fine.

Am I forgetting something or could something
have happened to screw up my security management?


401.3 means the account still does not have NTFS permission to the file
requested.

IIS 5 Documentation
http://www.microsoft.com/windows2000/en/server/iis/
Microsoft Internet Information Server
Administration
Server Administration
Security
Authentication
Access Control

IIS 6 Documentation
http://www.microsoft.com/technet/pro...entication.asp
HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or
Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default...b;en-us;324274

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/

Jul 19 '05 #2
Fox

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c1**********@kcweb01.netnews.att.com...
"Fox" <fox @ connexions .net> wrote in message
news:u3**************@TK2MSFTNGP12.phx.gbl...
Hi

I do not run a domain or Active Directory.
I am on IIS 5.0 on Windows 2000 server.
When I secure a folder and its files I
am having a problem getting the new
user to be able to access it. The IIS
security tab has Anonymous unchecked.
The other two boxes are checked.
I have tried also with only the clear
text authentication checked.
I have tried that user with having all
the way up to FULL permissions, without
it working.

I get a 401.3 error.

However, If I allow IUSR/Machine or add the
new user (temporarily) to Administrators group,
it works fine.

Am I forgetting something or could something
have happened to screw up my security management?
401.3 means the account still does not have NTFS permission to the file
requested.

IIS 5 Documentation
http://www.microsoft.com/windows2000/en/server/iis/
Microsoft Internet Information Server
Administration
Server Administration
Security
Authentication
Access Control

IIS 6 Documentation

http://www.microsoft.com/technet/pro.../proddocs/stan
dard/gs_authentication.asp

HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or
Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default...b;en-us;324274

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/


If there is a more appropriate NG for this, can you point me to it
so I will not be off topic? I did not find one.

Thanks for all the detailed links. I entirely read all but the first one.
I have been running this server for 2 years after 6 years with NT4
and this problem just started.

There has to be something seriously comprimised. I really don't know
what the next thing to do will be. Reformtting and starting over is not
an option right now. I have sat at the computer as long as 5 hours
straight fiddling around with tests, on more than one occasion, and
it just doesn't work right anymore. Have you ever heard of this type
of a comprimise. I know I have been hacked and cannot find the
remnants on server. I do not know what it had done, but I stopped
it from calling home and have had to live with it in that state. No
programs nor does my searching find the culprit. Meanwhile I am thinking
that if is it possible, this is what comprimised my security since it
just doesn't work right anymore.

It is obvious that if I can get someone in there on Front Page
and they are part of the users group and clear text is selected
then everything has been done. As I had mentioned, if I add them
to the ADMIN group or if I allow IUSR to access the folder
it works fine. I would think from that, that I have done all I can
do. HELP !

Feedback is more than welcome
Regards,
Dennis
Jul 19 '05 #3
"Fox" <fox @ connexions .net> wrote in message
news:Oq**************@TK2MSFTNGP10.phx.gbl...

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c1**********@kcweb01.netnews.att.com...
"Fox" <fox @ connexions .net> wrote in message
news:u3**************@TK2MSFTNGP12.phx.gbl...
Hi

I do not run a domain or Active Directory.
I am on IIS 5.0 on Windows 2000 server.
When I secure a folder and its files I
am having a problem getting the new
user to be able to access it. The IIS
security tab has Anonymous unchecked.
The other two boxes are checked.
I have tried also with only the clear
text authentication checked.
I have tried that user with having all
the way up to FULL permissions, without
it working.

I get a 401.3 error.

However, If I allow IUSR/Machine or add the
new user (temporarily) to Administrators group,
it works fine.

Am I forgetting something or could something
have happened to screw up my security management?
401.3 means the account still does not have NTFS permission to the file
requested.

IIS 5 Documentation
http://www.microsoft.com/windows2000/en/server/iis/
Microsoft Internet Information Server
Administration
Server Administration
Security
Authentication
Access Control

IIS 6 Documentation

http://www.microsoft.com/technet/pro.../proddocs/stan dard/gs_authentication.asp


HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default...b;en-us;324274

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/


If there is a more appropriate NG for this, can you point me to it
so I will not be off topic? I did not find one.


Why microsoft.public.inetserver.iis of course!
Thanks for all the detailed links. I entirely read all but the first one.
I have been running this server for 2 years after 6 years with NT4
and this problem just started.

There has to be something seriously comprimised. I really don't know
what the next thing to do will be. Reformtting and starting over is not
an option right now. I have sat at the computer as long as 5 hours
straight fiddling around with tests, on more than one occasion, and
it just doesn't work right anymore. Have you ever heard of this type
of a comprimise. I know I have been hacked and cannot find the
remnants on server. I do not know what it had done, but I stopped
it from calling home and have had to live with it in that state. No
programs nor does my searching find the culprit. Meanwhile I am thinking
that if is it possible, this is what comprimised my security since it
just doesn't work right anymore.
No, i've never heard of this type of compromise - but if you've been hacked
and can't get anything to work right, sometimes rebuidling from scratch is
the only solution ...
It is obvious that if I can get someone in there on Front Page
and they are part of the users group and clear text is selected
then everything has been done. As I had mentioned, if I add them
to the ADMIN group or if I allow IUSR to access the folder
it works fine. I would think from that, that I have done all I can
do. HELP !


Try here:

HOW TO: Set Basic NTFS Permissions for IIS 5.0
http://support.microsoft.com/default...b;en-us;271071

How to Restore the Default NTFS Permissions for Windows 2000
http://support.microsoft.com/default...b;en-us;266188

HOW TO: Set IIS Permissions for Specific Objects
http://support.microsoft.com/default...b;en-us;324068

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/

Jul 19 '05 #4
"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c1**********@kcweb01.netnews.att.com...
"Fox" <fox @ connexions .net> wrote in message
news:Oq**************@TK2MSFTNGP10.phx.gbl...
If there is a more appropriate NG for this, can you point me to it
so I will not be off topic? I did not find one.


Why microsoft.public.inetserver.iis of course!


Oh yeah, microsoft.public.inetserver.iis.security is probably a good one too
....

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/

Jul 19 '05 #5
Your user account may need permissions on a file outside of the application
such as a component dll. Enable file auditing and check for access failures.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"Fox" <fox @ connexions .net> wrote in message
news:Oq**************@TK2MSFTNGP10.phx.gbl...

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c1**********@kcweb01.netnews.att.com...
"Fox" <fox @ connexions .net> wrote in message
news:u3**************@TK2MSFTNGP12.phx.gbl...
Hi

I do not run a domain or Active Directory.
I am on IIS 5.0 on Windows 2000 server.
When I secure a folder and its files I
am having a problem getting the new
user to be able to access it. The IIS
security tab has Anonymous unchecked.
The other two boxes are checked.
I have tried also with only the clear
text authentication checked.
I have tried that user with having all
the way up to FULL permissions, without
it working.

I get a 401.3 error.

However, If I allow IUSR/Machine or add the
new user (temporarily) to Administrators group,
it works fine.

Am I forgetting something or could something
have happened to screw up my security management?
401.3 means the account still does not have NTFS permission to the file
requested.

IIS 5 Documentation
http://www.microsoft.com/windows2000/en/server/iis/
Microsoft Internet Information Server
Administration
Server Administration
Security
Authentication
Access Control

IIS 6 Documentation

http://www.microsoft.com/technet/pro.../proddocs/stan dard/gs_authentication.asp


HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default...b;en-us;324274

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running

IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/


If there is a more appropriate NG for this, can you point me to it
so I will not be off topic? I did not find one.

Thanks for all the detailed links. I entirely read all but the first one.
I have been running this server for 2 years after 6 years with NT4
and this problem just started.

There has to be something seriously comprimised. I really don't know
what the next thing to do will be. Reformtting and starting over is not
an option right now. I have sat at the computer as long as 5 hours
straight fiddling around with tests, on more than one occasion, and
it just doesn't work right anymore. Have you ever heard of this type
of a comprimise. I know I have been hacked and cannot find the
remnants on server. I do not know what it had done, but I stopped
it from calling home and have had to live with it in that state. No
programs nor does my searching find the culprit. Meanwhile I am thinking
that if is it possible, this is what comprimised my security since it
just doesn't work right anymore.

It is obvious that if I can get someone in there on Front Page
and they are part of the users group and clear text is selected
then everything has been done. As I had mentioned, if I add them
to the ADMIN group or if I allow IUSR to access the folder
it works fine. I would think from that, that I have done all I can
do. HELP !

Feedback is more than welcome
Regards,
Dennis

Jul 19 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: AIM | last post by:
Error in msvc in building inheritance.obj to build hello.pyd Hello, I am trying to build the boost 1.31.0 sample extension hello.cpp. I can not compile the file inheritance.cpp because the two...
2
by: Gregory | last post by:
Hi, One of the disadvantages of using error handling with error codes instead of exception handling is that error codes retuned from a function can be forgotten to check thus leading to...
13
by: deko | last post by:
I use this convention frequently: Exit_Here: Exit Sub HandleErr: Select Case Err.Number Case 3163 Resume Next Case 3376 Resume Next
7
by: p | last post by:
WE had a Crystal 8 WebApp using vs 2002 which we upgraded to VS2003. I also have Crystal 9 pro on my development machine. The web app runs fine on my dev machine but am having problems deploying....
3
by: Manuel | last post by:
I'm trying to compile glut 3.7.6 (dowbloaded from official site)using devc++. So I've imported the glut32.dsp into devc++, included manually some headers, and start to compile. It return a very...
0
by: bazzer | last post by:
hey, im trying to access a microsoft access database from an ASP.NET web application in visual basic 2003.NET. i get the following error when i try running it: Server Error in...
1
by: developer | last post by:
Hi All I have made a .NET project. the files included are borland c++ files that i am migrate to VC++ .NET I am using Microsoft Visual C++ .NET 2003. the compilation goes through properly,...
0
by: mchuc7719 | last post by:
Hello, I have a Vb.Net 2005 ClassLibrary, when I try to compile using MSBee, only get errors. Before I to run the command line, I open in notepad the .vbproj and I was add the next line: ...
2
hyperpau
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum from bytes.com (formerly thescripts.com). Ergo, I...
0
hyperpau
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum from bytes.com (formerly thescripts.com). Ergo, I...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.