Microsoft KB Archive/253204

From BetaArchive Wiki
Knowledge Base

PRB: Error Message: The Server Was Unable to Logon the Windows NT Account 'IUSR_<machinename>'

Article ID: 253204

Article Last Modified on 2/23/2007


  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Internet Information Server 3.0
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0
  • Microsoft Personal Web Server 4.0
  • Microsoft Windows NT Server 4.0 Standard Edition

This article was previously published under Q253204


The event log may contain the warning:

The server was unable to logon the Windows NT account 'IUSR_<machinename>' due to the following error: Logon failure: unknown user name or bad password. The data is the error code.
For additional information specific to this message please visit the Microsoft Online Support site located at:


Internet Information Server (IIS) attempted to use the Windows NT account specified in the Internet Service Manager and was unable to log on with the specified account and password.


By default, the anonymous account used by Internet Information Server is the IUSR_<machinename> account, where <machinename> is the name of the computer. To ensure that IIS is using a valid account and password:

  1. Open the Internet Services Manager, right-click the *<machinename> node and select Properties.
  2. Click the Edit button next to the WWW Service to display the master properties for the computer.
  3. On the Directory Security tab, click Edit in the Anonymous access and authentication control frame. The Anonymous User Account dialog box will appear. Note the account name that IIS is attempting to use for anonymous HTTP requests. Ensure that this account name exists in the Windows NT User Manager for Windows NT 4.0 or the Computer Management Console for Windows 2000.
  4. If the Allow IIS to Control Password (in Windows 2000) or Enable Automatic Password Synchronization (in Windows NT 4) is selected in the Internet Anonymous User Account dialog box, then IIS will control the password for that account and will set it to a random value. If the anonymous account was missing from the Windows NT User Manager, then restoring the account and ensuring that IIS has permission to set/control the password is usually sufficient to allow IIS to use the account. Always restart IIS after making changes to the anonymous account or password.
  5. If you continue to receive the event viewer error, then clear Allow IIS to Control Password (Windows 2000) or Enable Automatic Password Synchronization (Windows NT 4), and manually set the password to a known value in both the Internet Service Manager and the User Manager for Windows.


This behavior is by design.

Keywords: kbprb kbserver kbwebserver KB253204