Guest mikeg Posted July 21, 2007 Posted July 21, 2007 We have a W2K IIS 5.0 Server with a website configured for anonymous authentication. It's been working fine for more than a year. After applying some July 2007 W2K updates, users suddenly started getting a Windows authentication login prompt. I checked the site and it's still set for anonymous access. The anonymous user account seems okay (not locked or disabled). Then I ran Authentication and Access Control Diagnostics 1.0 tool and discovered BUILTIN\Administrators, NT AUTHORITY\SYSTEM and BUILTIN\Users now have insufficient Server and Registry permissions. For example, BUILTIN\Administrators HKLM\System\CurrentControlSet\Services\IISAdmin registry permissions now fail diagnostics and the tool says NT AUTHORITY\SYSTEM does not have enough access to WINNT folder and files. However, when I check folder/file permissions everything appears normal. Registry permissions also appear normal in REGEDT32. Nevertheless users are suddenly falling back to Windows authentication and diagnostics are failing. As a sanity check, I compared folder and registry permissions and ran diagnostics on a similar IIS server where everything is still working. Permissions are the same, but the good server passes diagnostics and anonymous access is working fine. I’ve already uninstalled the Windows updates. Any other ideas on how to repair this?
Recommended Posts