Article ID: 169263
Article Last Modified on 6/23/2005
APPLIES TO
- Microsoft Internet Information Server 2.0
- Microsoft Internet Information Server 3.0
This article was previously published under Q169263
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
SYMPTOMS
If the passwords in User Manager and Internet Server Manager are not identical, you will get the following error message:
CAUSE
If in User Manager, under account policies, the Account Lockout security feature has been selected, and the passwords for the anonymous Internet account (IUSR_machine-name, by default) are different in User Manager and Internet Service Manager, then when you establish an anonymous connection, you will get an incomplete header message returned the first time. On subsequent login attempts, you will get the following error message:
This occurs because IUSR tried to log onto the server with an incorrect password. After x attempts (where x is defined in User Manager, Policies, Account, Lockout after x bad login attempts), the account becomes locked out.
WORKAROUND
To restore this account, you must first go into User Manager, open the properties for the account, and clear the check box in the account locked out check box. Next, you must change the passwords in User Manager and Internet Server Manager making sure that they are identical.
Additional query words: iis remove
Keywords: kberrmsg KB169263