Microsoft KB Archive/281594

= XCCC: Disabling Anonymous Access for the Conferencing Internet Information Service Virtual Root =

Article ID: 281594

Article Last Modified on 10/28/2006

-

APPLIES TO


 * Microsoft Exchange 2000 Conferencing Server

-



This article was previously published under Q281594



SUMMARY
By default, the conferencing virtual root that hosts public conferences has the Anonymous, Basic, and Windows Integrated authentication methods enabled. Therefore, an anonymous user can use the Schedule.asp Web page to book multiple meetings and effectively exhaust all conferencing resources without ever being authenticated.



MORE INFORMATION
To prevent unauthenticated users from using the service, disable the Anonymous access method for the virtual root:
 * 1) Open the Internet Service Manager Microsoft Management Console (MMC) snap-in.
 * 2) Click to expand the default Web site.
 * 3) Click the Conferencing object, right-click the Conferencing object, and then click Properties in the shortcut menu.
 * 4) Click the Directory Security tab, click Anonymous Access and Authentication Control, and then click Edit.
 * 5) Click to clear the Anonymous check box, and then click OK.

Additional query words: vRoot v-root IIS unauthorized

Keywords: kbhowto KB281594

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.