Microsoft KB Archive/903071

= You may receive a &quot;The function requested is not supported&quot; error message when you try to connect to a Web site that is hosted on IIS =

Article ID: 903071

Article Last Modified on 12/3/2007

-

APPLIES TO

 Microsoft Internet Information Services 6.0, when used with:  Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)  Microsoft Internet Information Services 5.1, when used with:  Microsoft Windows XP Professional </li> Microsoft Internet Information Services 5.0, when used with:  Microsoft Windows 2000 Server</li></ul>

 Microsoft Windows 2000 Professional Edition</li></ul> </li></ul>

-

<div class="notice_section">

<div class="notice_section">

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

<div class="symptoms_section">

SYMPTOMS
When you try to connect to a Web site that is hosted on Microsoft Internet Information Services 6.0, Microsoft Internet Information Services 5.1, or Microsoft Internet Information Services 5.0, you may receive an error message that is similar to the following:

Error 500: The function requested is not supported.

Additionally, you may receive entries that are similar to the following in the Extended W3C log:

18:59:54 127.0.0.1 GET /localstart.asp 500 2148074242

Note The W3C Extended logs are located in the C:\WINDOWS\system32\Logfiles\.

<div class="cause_section">

CAUSE
This problem occurs if the following conditions are true:
 * The Web site is configured to use Windows Integrated authentication.
 * A strict security template has been applied to the Web server that prevents client computers that are running Microsoft Windows 2000 or earlier versions from authenticating as expected.

<div class="resolution_section">

Determine whether a custom security template or a nondefault security template was applied to the Web server
To determine whether a custom security template or a nondefault security template was applied to the Web server, follow these steps:
 * 1) Click Start, click Run, type regedit, and then click OK.
 * 2) Locate and then click the following registry key:


 * 1) In the right-pane, verify that the Value data for the NTLMMinServerSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
 * 2) In the right-pane, verify that the Value data for the NTLMMinClientSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
 * 3) Quit Registry Editor.

If a custom security template or a nondefault security template was applied to the Web server, use one of the following methods to resolve this issue.

Method 1: Use the Secedit.exe utility to reset the default template
To use the Secedit.exe utility to reset the default template, follow these steps:
 * 1) Click Start, click Run, type cmd, and then click OK.
 * 2) At the command prompt, type secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose, and then press Enter.

Note You can ignore the warning that some files in the configuration are not found on the system.
 * 1) Locate and then click the following registry key:


 * 1) In the right-pane, verify that the Value data for the NTLMMinServerSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.
 * 2) In the right-pane, verify that the Value data for the NTLMMinClientSec value is 0. If the value is not 0, security restrictions because of a nondefault template may be preventing client computers that are running Windows 2000 or earlier versions from connecting to the Web site.

Method 2: Use Registry Editor to reset the default security template
To change the registry to reset the default security template, follow these steps.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
 * 1) Click Start, click Run, type regedit, and then click OK.
 * 2) Locate and then click the following registry key:


 * 1) In the right-pane, right-click NTLMMinServerSec, and then click Modify.
 * 2) In the Value data box, type 0 to replace the existing value, and then click OK.
 * 3) In the right-pane, right-click NTLMMinClientSec, and then click Modify.
 * 4) In the Value data box, type 0 to replace the existing value, and then click OK.
 * 5) Quit Registry Editor.

<div class="moreinformation_section">

MORE INFORMATION
For more information about how to reset default security settings in Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:

313222 How to reset security settings back to the defaults

Keywords: kbtshoot kbprb KB903071

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.