User account lock
-
Hi all, I want to open a URL(http://10.14.15.23/test/test.aspx) which is present in the server.I am using the following code. CInternetSession objInetSession; try { CStdioFile* objStdFile = objInetSession.OpenURL("http://10.14.15.23/test/test.aspx",1,INTERNET_FLAG_TRANSFER_ASCII ,NULL,0); } catch(CInternetException* exp) { exp->GetErrorMessage(lpErr,sizeof(lpErr),NULL); ::AfxMessageBox(lpErr,MB_ICONSTOP); return 0; } Everything is working fine. But, the server local user account, which is configured in IIS for anonymous access, gets locked frequently. So, i am not able to access this link. Server machine has a policy that if we enter wrong password for more than 4 times while logging,the user account will get locked. Can anyone please tell me the reason for this user account lock? Thanks,
modified on Tuesday, June 1, 2010 2:54 AM
-
Hi all, I want to open a URL(http://10.14.15.23/test/test.aspx) which is present in the server.I am using the following code. CInternetSession objInetSession; try { CStdioFile* objStdFile = objInetSession.OpenURL("http://10.14.15.23/test/test.aspx",1,INTERNET_FLAG_TRANSFER_ASCII ,NULL,0); } catch(CInternetException* exp) { exp->GetErrorMessage(lpErr,sizeof(lpErr),NULL); ::AfxMessageBox(lpErr,MB_ICONSTOP); return 0; } Everything is working fine. But, the server local user account, which is configured in IIS for anonymous access, gets locked frequently. So, i am not able to access this link. Server machine has a policy that if we enter wrong password for more than 4 times while logging,the user account will get locked. Can anyone please tell me the reason for this user account lock? Thanks,
modified on Tuesday, June 1, 2010 2:54 AM
Use either Netmon or Wireshark to capture the network traffic to make sure the credentials are NULL. Check the IIS log files and look for the 403 responses as these should contain the credentials that were actually used for the request. However the first thing to check is the application pool the ASPX is running in and what credentials the server will use to run the request. If you enable auditing on the test.aspx file you will see from the security event log which credentials are being used. Put simply the site you have created is not as anonymous as you think so always check with a browser first before coding against it. If you cannot access the link then how is your code. hope that helps.
Alan
-
Use either Netmon or Wireshark to capture the network traffic to make sure the credentials are NULL. Check the IIS log files and look for the 403 responses as these should contain the credentials that were actually used for the request. However the first thing to check is the application pool the ASPX is running in and what credentials the server will use to run the request. If you enable auditing on the test.aspx file you will see from the security event log which credentials are being used. Put simply the site you have created is not as anonymous as you think so always check with a browser first before coding against it. If you cannot access the link then how is your code. hope that helps.
Alan
-
Enable auditing. It is the only way... This should help but if you search the Microsoft KB for "Account lockout" there are plenty of instructions on how to do it. http://support.microsoft.com/kb/921469[^]
Alan