M
mikeg
We have a W2K IIS 5.0 Server with a website configured for anonymous
authentication. It's been working fine for more than a year. After applying
some July 2007 W2K updates, users suddenly started getting a Windows
authentication login prompt. I checked the site and it's still set for
anonymous access. The anonymous user account seems okay (not locked or
disabled).
Then I ran Authentication and Access Control Diagnostics 1.0 tool and
discovered BUILTIN\Administrators, NT AUTHORITY\SYSTEM and BUILTIN\Users now
have insufficient Server and Registry permissions. For example,
BUILTIN\Administrators HKLM\System\CurrentControlSet\Services\IISAdmin
registry permissions now fail diagnostics and the tool says NT
AUTHORITY\SYSTEM does not have enough access to WINNT folder and files.
However, when I check folder/file permissions everything appears normal.
Registry permissions also appear normal in REGEDT32. Nevertheless users are
suddenly falling back to Windows authentication and diagnostics are failing.
As a sanity check, I compared folder and registry permissions and ran
diagnostics on a similar IIS server where everything is still working.
Permissions are the same, but the good server passes diagnostics and
anonymous access is working fine.
I’ve already uninstalled the Windows updates. Any other ideas on how to
repair this?
authentication. It's been working fine for more than a year. After applying
some July 2007 W2K updates, users suddenly started getting a Windows
authentication login prompt. I checked the site and it's still set for
anonymous access. The anonymous user account seems okay (not locked or
disabled).
Then I ran Authentication and Access Control Diagnostics 1.0 tool and
discovered BUILTIN\Administrators, NT AUTHORITY\SYSTEM and BUILTIN\Users now
have insufficient Server and Registry permissions. For example,
BUILTIN\Administrators HKLM\System\CurrentControlSet\Services\IISAdmin
registry permissions now fail diagnostics and the tool says NT
AUTHORITY\SYSTEM does not have enough access to WINNT folder and files.
However, when I check folder/file permissions everything appears normal.
Registry permissions also appear normal in REGEDT32. Nevertheless users are
suddenly falling back to Windows authentication and diagnostics are failing.
As a sanity check, I compared folder and registry permissions and ran
diagnostics on a similar IIS server where everything is still working.
Permissions are the same, but the good server passes diagnostics and
anonymous access is working fine.
I’ve already uninstalled the Windows updates. Any other ideas on how to
repair this?