Microsoft KB Archive/229781

= Users Prompted for Authentication When No NTFS Restrictions Apply =

Article ID: 229781

Article Last Modified on 11/21/2006

-

APPLIES TO


 * Microsoft Internet Information Server 1.0
 * Microsoft Internet Information Server 2.0
 * Microsoft Internet Information Server 3.0
 * Microsoft Internet Information Server 4.0
 * Microsoft Internet Information Services 5.0

-



This article was previously published under Q229781



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SYMPTOMS
When you attempt to browse a Web resource that has no NTFS file-level restrictions applied (for example, the Everyone group is granted full control rights), you may be prompted for a username and password.



CAUSE
You will be prompted for a username and password when you attempt to browse a Web resource that has no NTFS file-level restrictions applied when there are share-level restrictions.

When you attempt to access a remote Windows NT resource, most restrictive permissions apply. Therefore, even though the Everyone group may have full control at the NTFS file level, share permissions must still be negotiated. For example, if the \Inetpub\Wwwroot directory is shared and only administrators are granted access at the share level, only the administrators group will be able to access the Wwwroot directory of the Web server through a browser on a remote client.



RESOLUTION
To resolve this problem, set share-level permissions the appropriate level for the directory that the IIS virtual directory maps to.

Keywords: kbprb KB229781

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.