Microsoft KB Archive/184730

= Password Sync and IIS 4.0 return FrontPage error message =

Article ID: 184730

Article Last Modified on 1/19/2006

-

APPLIES TO


 * Microsoft FrontPage 98 Standard Edition
 * Microsoft Internet Information Server 4.0

-



This article was previously published under Q184730



SYMPTOMS
With password synchronization in Internet Information Server (IIS) 4.0, Web sites indicate that only registered users have browse access. When you try to apply for everyone to have browse access, you receive the following error message:

"Server error: To allow all users to have browse access to your web, the

account used for anonymous logons for your Microsoft Internet

Information Server must have the same password as the Windows NT

account. Please correct the password given in your Microsoft Internet

Information Service Manager WWW Properties and try again."



CAUSE
When Internet Information Server is installed, it creates the following two entries at the LM/W3SVC node of the MetaBase:

AnonymousUserName : (STRING) "IUSR_ "

AnonymousUserPass : (STRING) " "

(These have MetaBase property IDs of 6020 and 6021 respectively.)

The password is randomly generated and entered both in the MetaBase and in User Manager. If the IUSR password is changed, even with password synchronization enabled, the password is not reset at this node. That is because, with password synchronization enabled, the property is ignored by IIS. When FrontPage tries to verify the password, it does not match, and FrontPage returns an error even though the Web server is fully functional. When an administrator changes the MetaBase through the Microsoft Management Console to reset the IUSR as the anonymous account, or the administrator toggles password synchronization on and off, the property is cleared and again, FrontPage "thinks" there is an error in the password.

AnonymousUserPass may not be even be set at some child nodes in the MetaBase (for example, virtual servers at LM/W3SVC/x). FrontPage may also mistake this as a password mismatch, as in the reset scenario above, but it also allows no property to be set. You can manually add the property, but we do not recommend this.



WORKAROUND
Instead of editing the MetaBase, IIS administrators should use the following steps to work around the problem.

Note This is a permanent change to an IIS configuration until such time that FrontPage stops checking for the password or checks to see whether the AnonymousPasswordSync MetaBase property is set to true. If password synchronization is enabled again after following these steps, the Internet Service Manager will delete the property and the same problem will occur again.
 * 1) Open User Manager and retype a password for the IUSR account.
 * 2) Open the Internet Service Manager in the Microsoft Management Console (MMC).
 * 3) Right-click your Computer Name, and then click Properties.
 * 4) Choose to edit the Master Properties for the WWW Service.
 * 5) Click the Directory Security tab.
 * 6) Click the Edit button for Anonymous Access and Authentication Control.
 * 7) Click Edit for Allow Anonymous Access.
 * 8) Clear the Enable Automatic Password Synchronization check box.
 * 9) Type the IUSR password manually from step 1.
 * 10) Click OK, and retype the password when prompted.
 * 11) Click OK to exit the Authentication dialog box.
 * 12) Click Apply to set the changes.
 * 13) If prompted to override child nodes, choose them all except the Administrative Web site.
 * 14) Click OK two times to return to the MMC.
 * 15) In Control Panel, click Services, and stop the IIS Administrator Service.
 * 16) Click OK to stop all Web services as well.
 * 17) After all service have stopped, in Control Panel, click Services, and restart the WWW, FTP, and all other Web services that are installed.



STATUS
Microsoft has confirmed this to be a problem in FrontPage 98 for Windows. This issue was resolved in version 3.0.2.1706 of the extensions.



MORE INFORMATION
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 on a computer that is running Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx

Additional query words: prodiis4

Keywords: kbbug kbfix KB184730

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.