Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 971718 - Last Review: May 27, 2009 - Revision: 1.0
The W3WP.exe process crashes when the Anonymous authentication is disabled on the IISADMPWD virtual directory
When a user's password is expired, you can use the Anonymous user account to change the expired password through the achg.asp file even when the Anonymous authentication is disabled on the IISADMPWD virtual directory.
In this situation, if the AnonymousUserName and the AnonymousUserPass metabese properties are inconsistent or the "denied access this computer from the network" policy is applied for the Anonymous user, the Anonymous user cannot log on the server and an access violation occurs. In addition, the W3WP.exe process crashes.
To avoid this effect, use one of the following methods:
- Set correct AnonymousUserName and AnonymousUserPass metabese properties or disable the "denied access this computer from the network" policy for anonymous user.
- Separate the Application pool for the IISADMPWD virtual directory.
Note A user may receive the 403.18 error when the request is redirected to the IISADMPWD password change pages, and the password cannot be changed through IISADMPWD. However, the W3WP.exe process does not crash.
Note These settings violate the Internet Information Services (IIS) requirements that are described in the following Microsoft Knowledge Base:
812614Â
(http://kbalertz.com/Feedback.aspx?kbNumber=812614/
)
Default permissions and user rights for IIS 6.0
Steps to reproduce this problem
To reproduce the problem, follow these steps:
- On the IISADMPWD virtual directory, set an incorrect password in the AnonymousUserPass metabase for the IUSR account, or apply the "denied access this computer from the network" policy for the IUSR account.
- Create a new local or domain user and enable "change their password the next time that the user logs on." This means the user's password is expired.
- Disable Anonymous authentication for IISADMPWD.
-
Enable Basic authentication or Integrated Windows authentication for IISADMPWD.
-
Create a new TEST virtual directory that is enabled Basic or Integrated Windows authentication.
When you access the TEST virtual directory, you will be redirected to the aexp3.asp Web page because the password is expired. If you enter an old password and a new password, and then click
OK, the dialog box for Basic authentication appears. If you enter the old password, you will experience the symptoms that are described in the "Symptoms" section.
APPLIES TO
- Microsoft Internet Information Services 6.0
| kbexpertiseadvanced kbtshoot kbsurveynew KB971718 |
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate
Be the first to leave feedback, to help others about this knowledge base
article.
(Optional) Name
(Optional)
Public URL Or Email
Comments
No
HTML -- Text Only Please