Microsoft KB Archive/184701

= Distributed Password Authentication Checkbox Is Unavailable =

Article ID: 184701

Article Last Modified on 6/23/2005

-

APPLIES TO


 * Microsoft Internet Information Server 4.0

-



This article was previously published under Q184701



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SUMMARY
When you view the LDAP instance in the Microsoft Management Console, the Distributed Password Authentication checkbox is unavailable (grayed out) and unchecked in the Directory Security tab.



MORE INFORMATION
Distributed Password Authentication may be enabled for access to the Membership Directory Service (more accurately, Distributed Password Authentication is enabled for authentication to the LDAP server) using the command line administration tool. The syntax is as follows:

PMADMIN SET LDAP /ID: /LDAPAUTH:

 Where  is the instance number of the membership server, underneath which the LDAP server chosen to be managed is found. (A list of membership server names and their instance ID numbers is available by using the following command: PMADMIN LIST INSTANCE).  Where is an integer value for the type of authentication method. The valid integers are as follows:

     1=Anonymous 2=Cleartext 4=NTLM/DPA



These values are OR'ed together so any combination may be configured by setting the sum of the integer values (7=all types). Note that 4 enables Challenge Response, which is interpreted automatically as NTLM if the Membership Directory Service is configured for Windows NT authentication mode, and Distributed Password Authentication is configured for Membership authentication mode.

NOTE: When you enable the Distributed Password Authentication via command line, it should display as enabled from the Microsoft Management Console graphical user interface (GUI); however, to disable the setting, you must use the command line.

Additional query words: DPA LDAP

Keywords: kbinfo KB184701

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.