From: Newbie on
Do you want to enable "Anonymous Access"? This means that *no* user
credentials are required to be supplied by end users?

Yes.

To allow the first, enable "Anonymous Authentication" in IIS. Disable the
other authentication options. Ensure that the configured Anonymous user
account which IIS will impersonate for NTFS file access has Read (RX)
permissions to the files/folders in your website

Yes, we did.



The server name is 'server01', IP address is '192.168.100.250'.

Internal workstations IP address from 192.168.100.1 to 192.168.100.240.
Those workstations can browse http://server01 without ask user name and
password.
If we change to http://192.168.100.250, then IE always pop up a windows to
ask user name and password.

Thanks



From: Dan on

"Newbie" <Newbie(a)discussions.microsoft.com> wrote in message
news:1A8F140C-B84D-4C2B-A399-EE3AFF723D47(a)microsoft.com...
> Do you want to enable "Anonymous Access"? This means that *no* user
> credentials are required to be supplied by end users?
>
> Yes.
>
> To allow the first, enable "Anonymous Authentication" in IIS. Disable the
> other authentication options. Ensure that the configured Anonymous user
> account which IIS will impersonate for NTFS file access has Read (RX)
> permissions to the files/folders in your website
>
> Yes, we did.
>
>
>
> The server name is 'server01', IP address is '192.168.100.250'.
>
> Internal workstations IP address from 192.168.100.1 to 192.168.100.240.
> Those workstations can browse http://server01 without ask user name and
> password.
> If we change to http://192.168.100.250, then IE always pop up a windows to
> ask user name and password.
>
> Thanks

That means that anonymous access is not working. What is happening is that
when the users go to http://server01 that is treated as being in the
Intranet Sites zone and IE by default will automatically send the current
user credentials if asked to. Because anonymous access isn't working (the
IIS anonymous account doesn't have the correct permissions for the site) IIS
is sending a request to the browser, and IE is sending the user credentials
automatically and those do then provide the permissions that IIS requires as
it impersonates that user.

When the user goes to http://192.168.1.250 then again IIS can't use
anonymous access so asks the browser for user credentials. IE treats this
site as being in the Internet zone because, and so doesn't automatically
send the user credentials - that's why you get the popup asking for the user
to enter them. Your answer to the second question above cannot be Yes - if
you disabled all options except anonymous access then the popup would never
appear, the user would simply see an error message from IIS.

Turn off basic and integrated authentication in IIS, and start tracing which
permissions need changing for IIS to work without needing the user
credentials, and you'll get the result you want.

--
Dan

First  |  Prev  | 
Pages: 1 2
Prev: IIS Password change pages 64bit
Next: FTP error 426