Microsoft KB Archive/170863
Article ID: 170863
Article Last Modified on 6/23/2005
- Microsoft Internet Information Server 3.0
This article was previously published under Q170863
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
If you delete the IUSER_ account from User Manager for Domains because you are not using Anonymous authentication, but have the IUSER_ account and password in the WWW Service Properties, the event log may contain the following warning, if you use only Basic and Microsoft Windows NT Challenge Response for authentication:
The above warning is logged each time you request a page or image located in a directory other than the root directory or the directory that was originally authenticated.
Note: The above errors can also occur if Anonymous connections are allowed in IIS, but Proxy Server is installed on the same computer and Anonymous is disabled.
The browser is unaware of the authentication method used by the Web server. The browser tries the first method on the list, which is the IUSER_ account in the Services tab of the WWW Service Properties. When the browser finds that the IUSER_ account has been deleted, it checks for the next method on the list, Allow Anonymous.
If Allow Anonymous is not selected, the browser tries Basic Clear Text. If Basic Clear Text is also not selected, the browser tries Windows NT Challenge Response.
If Windows NT Challenge Response is selected and valid, the browser opens the site or page using this authentication method. Therefore, you do not see an error in the browser, but only a warning in the Event Viewer.
To resolve this problem, use a valid account and password. To do so, follow these steps:
- In the WWW Service properties, click the Service tab.
- Add a user name that is a valid user account in User Manager for Domains, and give the user Log On Locally permissions.
Note: Do not delete the IUSER_ account, even if you are not using it.
Additional query words: iis
Keywords: kbprb kbusage KB170863