Hi All, Forgive me - I'm by no means an IIS expert all, so hopefully I'll provide all the details - if not please ask. I'm attempting to setting up a WebDAV to a share, and all is working fine. My user account has permissions to get to that share, and provided I specify my account in the...

I have a basic load balancing scenario using ARR with two server farms defined. The ARR host, its default virtual web site and the server farm members (separate hardware) are all setup with Windows Integrated Authentication enabled and anonymous disabled. Each element works independently but when a route...

I've got a windows 2008 standard server with SQL 2008 standard and IIS7 installed. The web app we have made reads from the database fine but it won't write to the database. For example when I click the join button and fill out the new user page, the data doesn't get written to the 'user'...

My framework 4 asp.net app using forms authentication runs fine in Cassini and in IIS7.5 on the local box but on a public facing box with IIS7.5 in the DMZ (running cookieless session state) the authentication breaks without returning any error - the forms authentication simply does not work. I have...

Hi, My web application runs on Windows Server 2008 and IIS 7. During penetration testing, we found that it was possible to determine the existence of directories within the web root on the system through messages returned by the access control code. This could enable an attacker to target particluar...

This is just to tell everyone that if you want to connect to SQL Server with the ApplicationPoolIdentity login, you can, but you can't use the user interface of SQL Management Studio. You can do this only from script (like when you want to give access to this user to NTFS you can't do it from...

Hi, I have an ASP.NET MVC Website which is currently under development, deployed on a W2008r2 IIS7.5 server. My website uses "forms" authentication and it works perfect. As the website is under development and not open to the public, I would like to add an additional layer of protection, so...

Is it possible through IIS? Person A who's computer is in Domain A logs into a website that is in Domain B. They are prompted to enter in their crendentials to Domain B, which they do and then they are authenticated and able to get in. Then in that the website, there is a link to another website...

Hi, I know how to protect my static (HTML) pages in IIS6, and how to do it using the IIS7 Integrated Pipeline, but how can I protect my HTML pages from unauthorised access in IIS7 when running in Classic Mode? It's an ASP.NET site using forms authentication. Thanks!

Hi all, We just recently migrated one of our production sites from IIS6 (windows 2003 R2) to IIS 7.5 (Windows 2008 Enterprise R2). and we're having a few difficulties with authentication. The site is currently configured to use Digest authentication with the realm set to our active directory. Anonymous...