ASP script stopped working with windows 2003 servers

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,

I was using an asp page that pulled a users domain login name and workstation name from the active directory and local computer config. Then for no reason at all it was deeded that our system worked too well so we would have to upgrade to windows server 2003 from windows 2000 for the domain name server system. This prevented the double hop authentication used to resolve the information above. We tried changing the reg key that allows anonymous logon to the active directory but to no avail. Any suggestions????
 
Double-hop authentication requires kerberos instead of NTLM.

I'm no IIS expert, but probably the folks who write this column are:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/insider/iisi0803.asp
(It also links to a kb explaining how to configure IIS to use kerberos.)
--
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.


Thancol said:
Hi,

I was using an asp page that pulled a users domain login name and
Click to expand...
workstation name from the active directory and local computer config. Then
for no reason at all it was deeded that our system worked too well so we
would have to upgrade to windows server 2003 from windows 2000 for the
domain name server system. This prevented the double hop authentication
used to resolve the information above. We tried changing the reg key that
allows anonymous logon to the active directory but to no avail. Any
suggestions????
 
I believe you have posted to the wrong newsgroup.
But, just where you should have posted is not clear.
Is it that the AD was upgraded to W2k3 or that the IIS webserver
was upgraded to W2k3/IIS6 ?
If the last, then you probably need to adjust the identity used by the
application pool used by the website where your asp app resides.
If the former, and your domain if not forest has been upleveled
to W2k3 functional level, then you may want to post to the AD
newsgroup instead of the IIS newsgroup.
If the IIS version did not change, and the domain is still at W2k
functional level, then are you sure it is not just a new security
alteration of IE ??
And then I am still left wondering why you said the decree was to
upgrade "domain name server system" to W2k3. This means the
DNS system (?) which should not have changed anything for your
Asp app.


Thancol said:
Hi,

I was using an asp page that pulled a users domain login name and
Click to expand...
workstation name from the active directory and local computer config. Then
for no reason at all it was deeded that our system worked too well so we
would have to upgrade to windows server 2003 from windows 2000 for the
domain name server system. This prevented the double hop authentication
used to resolve the information above. We tried changing the reg key that
allows anonymous logon to the active directory but to no avail. Any
suggestions????
 
Back
Top