Microsoft KB Archive/216475

= Adding Group Containing IUSR Returns Error =

Article ID: 216475

Article Last Modified on 2/22/2007

-

APPLIES TO


 * Microsoft FrontPage 2000 Standard Edition
 * Microsoft FrontPage 2000 Server Extensions

-



This article was previously published under Q216475



SYMPTOMS
When you add a group in the Permissions dialog box of a FrontPage Web that contains the IIS Anonymous account, which is usually IUSR_machinename (where machinename is the name of your server), the following error message occurs:

These groups--DOMAINNAME\groupname--contain the account used by your web server to implement Anonymous Logons. Granting these groups access will allow anyone to have this level of access anonymously.

When you click OK in the message dialog, the group is no longer listed on the Groups tab in the Permissions dialog box; however, when you reopen the Permissions dialog box, the group that was apparently removed is still listed. Additionally, if you check the ACLs on the files, the group is there as well.



CAUSE
FrontPage attempts to prevent you from adding the IUSR_machinename anonymous account or any group that contains it to a FrontPage Web's permissions. IUSR_machinename is the account that IIS uses for anonymous browsing. If IUSR_machinename is listed with Administer, Author, and Browse access, any person attempting to open your Web will have these rights.



RESOLUTION
To resolve this problem, do not add any groups that contain the IUSR_machinename anonymous account with permissions to your Web.



WORKAROUND
When you reopen the Permissions dialog box, and the group is still listed, highlight the group and click the Remove button.



STATUS
Microsoft has confirmed this to be a problem in the FrontPage 2000 Server Extensions.

Additional query words: front page

Keywords: kbbug kbpending KB216475

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.