Microsoft KB Archive/261230

= P&M Fails to Redirect to Custom Forms Login Pages on Network Shares =

Article ID: 261230

Article Last Modified on 9/23/2005

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q261230



SYMPTOMS
When the custom forms login page is contained on a network share, Personalization and Membership (P&M) may redirect clients to the default forms login page (Formslogin.asp) in the _mem_bin virtual directory, instead of a custom forms login page.



CAUSE
The P&M authentication filter (Authfltr.dll) fails to send a redirect to the custom forms login page, because it is using the wrong credentials when it attempts to verify the existence of the custom forms login page on the network share. The Authfltr.dll file sends a redirect to the default forms login page when the network share access attempt returns an &quot;Access Denied&quot; error message, because it determines a custom page is not available.

The credentials problem occurs because Internet Information Server (IIS) reverts the request thread token from the network share account to the system account before notifying authentication filters. This behavior is actually correct, because filters should not be forced to run under a context other than the system account.



WORKAROUND
To work around this issue, do the following:
 * 1) Create a local directory for each site that contains the custom forms login page.
 * 2) Place all other content on the network share.
 * 3) Use local directories for all content.



RESOLUTION
To resolve this problem, obtain the latest service pack for Site Server version 3.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

219292 How to Obtain the Latest Site Server 3.0 Service Pack



STATUS
Microsoft has confirmed that this is a problem in Site Server 3.0. This problem was first corrected in Site Server 3.0 Service Pack 4.



MORE INFORMATION
The Authfltr.dll file has been modified to check for network credentials that are specific to the virtual directory in the IIS metabase, and to use those credentials when it verifies the existence of a custom forms login page.

Keywords: kbbug kbfix kbqfe kbsiteserv300sp4fix kbhotfixserver KB261230

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.