Jump to content

Broken Authentication, File and Registry Permissions


Recommended Posts

Guest mikeg
Posted

We have a W2K IIS 5.0 Server with a website configured for anonymous

authentication. It's been working fine for more than a year. After applying

some July 2007 W2K updates, users suddenly started getting a Windows

authentication login prompt. I checked the site and it's still set for

anonymous access. The anonymous user account seems okay (not locked or

disabled).

 

Then I ran Authentication and Access Control Diagnostics 1.0 tool and

discovered BUILTIN\Administrators, NT AUTHORITY\SYSTEM and BUILTIN\Users now

have insufficient Server and Registry permissions. For example,

BUILTIN\Administrators HKLM\System\CurrentControlSet\Services\IISAdmin

registry permissions now fail diagnostics and the tool says NT

AUTHORITY\SYSTEM does not have enough access to WINNT folder and files.

 

However, when I check folder/file permissions everything appears normal.

Registry permissions also appear normal in REGEDT32. Nevertheless users are

suddenly falling back to Windows authentication and diagnostics are failing.

 

As a sanity check, I compared folder and registry permissions and ran

diagnostics on a similar IIS server where everything is still working.

Permissions are the same, but the good server passes diagnostics and

anonymous access is working fine.

 

I’ve already uninstalled the Windows updates. Any other ideas on how to

repair this?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...