Using remoting methodology you can get those details of server machine located. Also i do recommend not to mention your private IP's on the blogs. It would effect your employment in your company. "Maintain in different application pools so that burden with the servers too will be reduced." Fro...more >>

Look in the metabase to see what the SSLCertHash value is for that website. It should match the thumbprint value of the certificate you want to use. Cheers Ken "Jerry Hodson" <JerryHodson@discussions.microsoft.com> wrote in message news:62F1A8E6-BA24-4A7F-91A0-BA42C9FF81EA@microsoft.com.....more >>

is the domain account it is running under "trusted for delegation"? "VC" <VC@discussions.microsoft.com> wrote in message news:3630E23B-1C39-48A9-BE3F-AB25507AE8A1@microsoft.com... > Thank you for the response. > > There are some authentication types of "Negotiate" however, there are no > du...more >>

What kind of isolation are u using ? "nandagopalrvarma" <nandagopalrvarma@gmail.com> wrote in message news:84a1dfb3-8aff-460b-85f6-533c4469af53@q24g2000prf.googlegroups.com... > Hi , > I have a Windows Server 2003 R2 Enterprise box which is an ADC and > runs SMS 2003 SP3 primary site, a FT...more >>

a) you need to make sure that the browser is authenticating using Kerberos (and not NTLM). Check the Windows Event logs for this b) you need to remove any duplicate SPNs you might have registered under the original computer account http://adopenstatic.com/faq has a list of IIS and Kerberos...more >>

>Those are all EXE in System32, which like CMD.EXE have "special" ACLs that prevent them from being launched remotely from IIS. Even a bogus EXE like 'blah'? I also have the same problem with a custom console executable (which is what I was using originally). It and the others previously m...more >>

>Do you need to use cmd.exe. Try another EXE. I've tried with xcopy, cscript, and a bogus (non-existent) exe and get the same result. ...more >>

Ken, Thank you for the tip. I looked at the metabase and it does show the correct SSLCertHash value. But when I view the certificate when I go to the web site, I am seeing the old certificate's information that is expired. -- Jerry "Ken Schaefer" wrote: > Look in the metabase to ...more >>

On Jun 23, 10:26=A0am, "Kyle Alons" <re...@to.newsgroup> wrote: > >Do you need to use cmd.exe. Try another EXE. > > I've tried with xcopy, cscript, and a bogus (non-existent) exe and get th= e > same result. Those are all EXE in System32, which like CMD.EXE have "special" ACLs that preven...more >>

Thank you for the response. There are some authentication types of "Negotiate" however, there are no duplicate SPNs, and as far as I can tell everything is setup as it should be. My only thought might be that the application pool is running under a domain account, perhaps IIS itself has to...more >>

Hi , I have a Windows Server 2003 R2 Enterprise box which is an ADC and runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to protect the FTP as well provide Web Proxy services. My FTP site is running quite nicely though I've heard the above mentioned setup is not good and can cause l...more >>

Do you need to use cmd.exe. Try another EXE. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // On Jun 21, 9:03=A0pm, "Kyle Alons" <re...@to.newsgroup> wrote: > >How are you certain your settings actually took place at the scope you > > desire... > > I'm not ce...more >>

>How are you certain your settings actually took place at the scope you desire... I'm not certain of much, but changing the setting does seem to have some effect. "Full" results in GetLastError of 5 (access denied), while High or Medium results in: Security Exception Description: The ap...more >>

On Jun 20, 11:05=A0am, "Ben" <bf...@furino.org> wrote: > Problem: trying to move web sites to a second controller in my domain, an= d > I'm getting unwanted request for authentication. > > Detail: when the IP address of the site is on the domain controller, I > attempt to access it with IE. =A...more >>

On Jun 20, 12:03=A0pm, "Kyle Alons" <re...@to.newsgroup> wrote: > >I highly recommend searching on the terms "Modify Code Access > > Security" to arrive at good answers for your question. > > Based onhttp://msdn.microsoft.com/en-us/library/aa302425.aspx, I added a > trust element to machine.co...more >>

> When will Microsoft's FTP.EXE and Internet Explorer support FTP over SSL > (FTPS) as it is implemented in IIS7? I hope Pablo's reply didn't redirect people away from this question: It's about the *client*-side FTPS apps in Windows, not IIS. It's rather strange that IIS7 supports FTPS but...more >>

Problem: trying to move web sites to a second controller in my domain, and I'm getting unwanted request for authentication. Detail: when the IP address of the site is on the domain controller, I attempt to access it with IE. If I've set the site up in IIS, I see it, if I don't, I get a pag...more >>

>I highly recommend searching on the terms "Modify Code Access Security" to arrive at good answers for your question. Based on http://msdn.microsoft.com/en-us/library/aa302425.aspx, I added a trust element to machine.config (both 32- and 64-bit flavors): <system.web> <!-- level="[Full|Hi...more >>

Completely befuddled here. Running IIS 6.0 on my web server for many years now and have never had any issues when replacing expiring certificate file with new ones, until now. When I hit the web site, the certificate that I can view is the old expired one. Not the new one that I replced it...more >>

On Jun 19, 12:03=A0pm, S H A R I Q U E <SHARI...@discussions.microsoft.com> wrote: > i have setup intranet website and encrypted its content using SelfSSL. > Now, i want to enable external users outside the company to access this > website using HTTPS. Is it possible to utilize SelfSSL for both ...more >>

On Jun 19, 8:27=A0am, Jason Viers <s...@beanalby.net> wrote: > I have an IIS 6 ISAPI Extension that is set as a Wildcard Application > Map. =A0The virtual directory is set to Inegrated Authentication > only so it impersonates the requesting user (which GetUserNameEx > confirms). > > The IIS ma...more >>

On Jun 19, 10:20=A0am, "Kyle Alons" <re...@to.newsgroup> wrote: > >There is no alternative for your type of code to work with the default > > setting -- that would be allowing the very security vulnerabilities > which were closed by changing the default. > > >Your choices are to either change ...more >>

i have setup intranet website and encrypted its content using SelfSSL. Now, i want to enable external users outside the company to access this website using HTTPS. Is it possible to utilize SelfSSL for both intranet and extranet or do i need to purchase a certificate from VeriSign to encryp t...more >>

After googling around some more it feels like my problem lives in IE. I've tried IE versions 6 and 7. Both fail the same way. Multiple machines. Same problem. Couple of different ISPs. Same problem. I've tried running site under IIS 6. Problem persists. It seems like the conventional ...more >>

I have an IIS 6 ISAPI Extension that is set as a Wildcard Application Map. The virtual directory is set to Inegrated Authentication only so it impersonates the requesting user (which GetUserNameEx confirms). The IIS machine is trusted for delegation, and the extension uses WinHttp to access ...more >>

>There is no alternative for your type of code to work with the default setting -- that would be allowing the very security vulnerabilities which were closed by changing the default. >Your choices are to either change the default or modify the default Code Access Security on your system. Ho...more >>

David, Thank you for your response. Shortly after posting this issue, I figured out that I needed to export with private key to a .pfx file and then re-import the .pfx file back to the dev server as you indicate. If that is the procedure, however, why does the IIS Cert Wizard also offer the...more >>

Glad that you solved the problem. Just as an answer to why you need those settings: Trusted for delegation means that the account can forward credentials to another server. Without this, the client's credentials are lost between the web server and the database server. IIS_WPG group allows ...more >>

Just yesterday I received an email back from my customer saying they had figured out the configuration. They say the solution was to configure the domain account as (1) trusted for delegation, (2) a member of IIS_WPG group on FOOWEB, and (3) has "Act as a part of OS" / "Impersonate a client af...more >>

Good Morning, I have multiple applications running with integrated security to connect to a SQL back-end database. Everything works fine on our production servers which use the default system accounts for the Application Pool. However, I had to change this to use a domain account because ...more >>