Microsoft KB Archive/269241

From BetaArchive Wiki
Knowledge Base


Article ID: 269241

Article Last Modified on 6/27/2006


APPLIES TO

  • Microsoft Internet Information Server 4.0


This article was previously published under Q269241

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx


SYMPTOMS

When you log into FTP anonymously, the following error message may occur: 

c:\ftp ftp.someserver.com
Connected to ftp.someserver.com.
220 someserver Microsoft FTP Service (Version 4.0).
User (ftp.someserver.com:(none)): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
530 User someuser@microsoft.com cannot log in.
Login failed.
ftp>

CAUSE

If the World Wide Web Server component is removed during the installation of the Windows NT Option Pack, anonymous FTP login fails because automatic password synchronization relies on a DLL that is uninstalled with the World Wide Web Server component.

RESOLUTION

To resolve this behavior, you must disable automatic password synchronization for the IUSR_ComputerName account. (This is the anonymous account.) To do this, follow these steps:

  1. Click Start, point to Programs, point to Administrative Tools (Common), and then click User Manager for Domains.
  2. To reset the anonymous account password, click Properties on the User menu, type the new password in the Password box, and then follow the on-screen prompts.
  3. After you have reset the anonymous account password, click Start, click Run, type Inetmgr.exe, and then click OK.
  4. In Internet Services Manager, right-click the URL for the FTP site that you want, and then click Properties.
  5. Click the Directory Security tab, and then under Anonymous Access and Authentication Control click Edit.
  6. Select the Allow Anonymous Access check box, and then click Edit.
  7. In the Anonymous User Account dialog box, click to clear the Enable Automatic Password Synchronization check box .
  8. In the Password box, type the password that you typed in step 2, and then click OK.


MORE INFORMATION

Password synchronization is a sub-authentication process used by Internet Information Server. This functionality is provided by the Iissuba.dll file. This DLL is uninstalled when the World Wide Web Server component is removed, which in turn causes anonymous FTP login to fail if the Enable Automatic Password Synchronization option is checked in the Security settings for the FTP service.

For more information on Password Synchronization and the sub-authentication process, click the following article numbers to view the articles in the Microsoft Knowledge Base:

216828 Password Synchronization/Allow IIS to Control Password may cause problems


218756 Logon privileges required for anonymous access



Additional query words: iis4 ftp login

Keywords: kbpending kbprb KB269241



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/269241&oldid=317217
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki