# MS Internet Information Server user login problem



## GS3 (Dec 25, 2006)

I am totally new to web servers and decided to give MS Internet Information Server 5.1 a try since it is included with Win XP PRO. So, I am trying to set up MS Internet Information Server for HTML but when I try to access the server from a client machine I get an error that either I do not have permission to access or I am asked for user name and password which I have no idea.

I go to the Default Website Properties, Directory Security, Anonymous Access, Edit and check "Anonymous Access" which I would think would be enough to serve pages without further questions but there is still a User Name, prefilled in as "IUSR_AAA" and a Password filled in with dots which I have no idea what password they represent. There is also a check box "Allow IIS to control passwordI have no idea how I should configure all this. I have tried several combinations and nothing works. Can someone explain this to me? How should this be configured to serve pages openly or to require a log in?

In the event log I see "The server was unable to logon the Windows NT account 'IUSR_AAA' due to the following error: Logon failure: unknown user name or bad password. The data is the error code. "



> Event Type:	Warning
> Event Source:	W3SVC
> Event Category:	None
> Event ID:	100
> ...


It seems the issue is rather complex



> http://support.microsoft.com/kb/216828/en-us
> 
> Password Synchronization/Allow IIS to Control Password May Cause Problems
> 
> ...





> http://support.microsoft.com/kb/218756/EN-US/
> 
> Logon Privileges Required for Anonymous Access
> 
> ...


I am just trying to learn the basics but this may be more complex than I am willing to deal with. In any case, if I ever wanted to have my own server I would probably host it on its own dedicated machine so that I did not have to worry about other stuff on the machine.


----------



## Rockn (Jul 29, 2001)

Can you access it on the computer that IIS is set up on?


----------



## GS3 (Dec 25, 2006)

I was using a different machine because I wanted to be sure that it was really working and I was not fooling myself thinking they were wroking when in reality they might not. I have since experimented and found that using http://localhost/ in the same machine yields the same results.

I have to admit I do not understand well how the entire authentication process works and it seems more complex than it is worth.

Those articles recommend upgrading to IIS 6 which only runs on Windows Server and not on XP. Since I am only playing around for the sake of learning I think that if I were ever to set up a real server open to the WWW then I would host it in its own machine so that there was no other important information there which could be compromised.

I still do not understand the authentication process or what the "let IIS manage the password" does.


----------

