Password Sync and IIS 4.0 return FrontPage error message (184730)
The information in this article applies to:
- Microsoft FrontPage 98 for Windows
- Microsoft Internet Information Server 4.0
This article was previously published under Q184730 SYMPTOMS
With password synchronization in Internet Information Server (IIS) 4.0, Web
sites indicate that only registered users have browse access. When you try
to apply for everyone to have browse access, you receive the following error message:
"Server error: To allow all users to have browse access to your web, the
account used for anonymous logons for your Microsoft Internet
Information Server must have the same password as the Windows NT
account. Please correct the password given in your Microsoft Internet
Information Service Manager WWW Properties and try again."
CAUSE
When Internet Information Server is installed, it creates the following two
entries at the LM/W3SVC node of the MetaBase:
AnonymousUserName : (STRING) "IUSR_<machine>"
AnonymousUserPass : (STRING) "<password>"
(These have MetaBase property IDs of 6020 and 6021 respectively.)
The password is randomly generated and entered both in the MetaBase and in
User Manager. If the IUSR password is changed, even with password
synchronization enabled, the password is not reset at this node. That is
because, with password synchronization enabled, the property is ignored by
IIS. When FrontPage tries to verify the password, it does not match, and
FrontPage returns an error even though the Web server is fully functional.
When an administrator changes the MetaBase through the Microsoft Management
Console to reset the IUSR as the anonymous account, or the administrator
toggles password synchronization on and off, the property is cleared and again, FrontPage "thinks" there is an error in the password.
AnonymousUserPass may not be even be set at some child nodes in the
MetaBase (for example, virtual servers at LM/W3SVC/x). FrontPage may also
mistake this as a password mismatch, as in the reset scenario above, but
it also allows no property to be set. You can manually add the property,
but we do not recommend this.
WORKAROUND
Instead of editing the MetaBase, IIS administrators should use the
following steps to work around the problem.
Note This is a permanent change to an IIS configuration until such time
that FrontPage stops checking for the password or checks to see whether the
AnonymousPasswordSync MetaBase property is set to true. If password
synchronization is enabled again after following these steps, the Internet
Service Manager will delete the property and the same problem will occur
again.
- Open User Manager and retype a password for the IUSR account.
- Open the Internet Service Manager in the Microsoft Management Console
(MMC).
- Right-click your Computer Name, and then click Properties.
- Choose to edit the Master Properties for the WWW Service.
- Click the Directory Security tab.
- Click the Edit button for Anonymous Access and Authentication Control.
- Click Edit for Allow Anonymous Access.
- Clear the Enable Automatic Password Synchronization check box.
- Type the IUSR password manually from step 1.
- Click OK, and retype the password when prompted.
- Click OK to exit the Authentication dialog box.
- Click Apply to set the changes.
- If prompted to override child nodes, choose them all except the
Administrative Web site.
- Click OK two times to return to the MMC.
- In Control Panel, click Services, and stop the IIS Administrator
Service.
- Click OK to stop all Web services as well.
- After all service have stopped, in Control Panel, click Services, and
restart the WWW, FTP, and all other Web services that are installed.
STATUS
Microsoft has confirmed this to be a problem in FrontPage 98 for Windows.
This issue was resolved in version 3.0.2.1706 of the extensions.
| Modification Type: | Minor | Last Reviewed: | 1/19/2006 |
|---|
| Keywords: | kbbug kbfix KB184730 kbAudDeveloper |
|---|
|