Enabling Anonymous Authentic Access on IIS5.0 Win2K

Hello,

I'm on a local machine that is running IIS as a webserver for my web site. The IIS config uses a "Shared on another computer" setting that defines the path of my website thats located onto the main Network machine.

I entered the network directory credentials correctly and set both user manager and IIS pw's correctly for the IUSR_computername (Internet Guest Account).

I also enabled Anonymous Access in the "Directory Security" tab under the properties of my website in IIS.

Although I finished the following config, I assumed I can get my web site working with Anonymous Authentication. But yet I'm still receiving the 401.1: Unauthorized: Logoin Failed.

What can still be causing this problem for me?
When I check the "Intergrated Windows Authentication" under Directory Tab, I receive the "Enter Network Password" prompt dialog, if unchecked then I don't.

I'm figuring it has to do something with the IIS metabase password not matching the user manager pw? (I tried both checking IIS to control pw, and not to control pw).

Any feedback and suggestions will be appreciated greatly.

Thanks,
Bobby

If it helps, in W2K the user account used by IIS for anonymous web users is usually a local account on the web server computer, therefore the account will have no access at all to folders or files on a 2nd computer.

Often the cure is to "clone" the IIS user account on the 2nd computer.

Also, Integrated Authentication won't work with non-IE browsers afaik.

Hey,

I think I tried doing this. What do you exactly mean by "clone" the IIS user account on the 2nd computer?

Do you mean by this:
On the web server in IIS, the Anonymous user account is "IUSR_fakecompname" and the 2nd computer is "IUSR_fakecompname" --both with same pw and permission settings.

--The thing is when trying to do this, it'll create the same computer names but with different domains?

For example when I tried doing this the result was:
IUSR_fakecompname = web server IIS account.
MAINNET\IUSR_fakecompname = 2nd computer.
-----

Would these still be considered identicle and "cloned"?

Thanks,
Bobby

Go into the users mmc on the 2nd computer and create a local user with an identical useraname and password as the user account used by IIS on the web server.

Hi there, I'm having the same problem as him though. Here's the thing our intranet is hosted on an IIS6 server and most of the contents are in a remote server. The original setup is that the 2nd server is running on Linux via Samba. It was working fine until we have to upgrade the 2nd server's hardware and convert it to Windows 2003 Server.
So I created a VD pointing to \\newserver2\marketing. For anonymous authentication I had a domain user "intrauser" to Connect As to \\newserver2\marketing with RW permissions on that shared directory. After I set it up, I can access that directory from a browser manually (with directory browsing enabled for testing purposes), e.g. http://server2/marketing/ - no problem. Problem is the marketing page is not a plain html page, it's main.asp, the server address/name is hard coded. So I had the developer change a line in the code pointing from \\oldserver to \\newserver2. Here's where it gets ugly: when a user tries to access that site http://iisserver/marketing (where he should actually get http://iisserver/marketing/main.asp) it displays an error message, meaning asp didn't run or it ran but encountered some error and it terminated. The developer said that it has something to do with authenticating to newserver2.

I tried cloning IUSR_IISSERVER local user in the 2nd server but it's not working. I tried everything I can think of. I even tried Connect As as Administrator (local and domain), but it's still not working. Help!

I really need some assistance. Thanks guys in advanced.

What's the actual error?