For some reason all of the BIN folder in any IIS virtual servers are
being hidden automatically.  I don't mean hidden from the .net
application, but simply hidden.  They are visible only via FTP or
command prompt, but not explorer (regardless of folder options.)

During a recent security scan of our IIS 6 box, it was shown that the II
Version, 6 in this case, and the Internal IP address of the box were being
shown externally.
Why would this be and how can I fix this.

We have three environments test, acceptance and production. On the test
and production environment everything works fine, but acceptance is
something different. So you should say make acceptance the same as test
and production. So I did but it still doesn't work.

I have a webiste where the web master would like to have others download exe
off the site. Righth now when I try to click on the link it will not download
the file. If I chage it to a zip file it works just fine...
Any thought or ideas

Ok to explain my scenario here is my goal
I have an intranet site that is available internally as well as externally.  
Currently it is just html files on the intranet (that change may come later
which will make it easy to secure via an application, unfortunately right now

    I recently built a new webserver to replace an existing server.  I
copied the data to the new server and rebuilt all of the IIS directories by
hand.  I replaced the broken SID of the old IUSR account on all of the
folders with the new IUSR account from the new server.  Now ...

We are running IIS 5, and have run the lockdown tool (2.1) using the FPEx
template.  We have noticed that anyone that opens the website inside
Frontpage can edit the contents of all websites on this server without being
prompted for a password.   We hope this is a simple ...

I am running IIS 5.1 on XP SP2.  I have two virtual directories in the same
Web site that have anonymous access disabled -  one contains HTML pages and
the other contains a CGI executable.  One of the HTML pages has a form which
executes the CGI.

I've gone through the steps of redirecting HTTP requests to HTTPS for OWA as
outlined in KB-839357. I've checked, rechecked, and checked again that all
steps were followed but I still get:
HTTP Error 403 - Forbidden

We have two domains in here and are currently migrating users from Domain A
to Domain B.
We have a trust relationship setup between the two and are using Windows
Integrated Security for Authentication.

Heres my problem:
There is a webserver at work, win2k, that originally was joined to the
domain, but is always logged on locally.
We can't get it to audit security events - domain policies override local

I've read the posts on multiple SSL certs on virtual servers, as well as the
kb articles (again) and I'm wondering if anyone has had the same issue I'm
getting now. In the past I've always managed to get multiple certs working by
either using a different port or a different IP ...

We are using MBS Business Portal 2.5 on a 2003 server (also domain
controller).  We are using Basic authentication with SSL.  (Integrated
Authentication is not an option due to clients not being part of the Windows
domain).  We also have a Novell NDS network and sync accounts to ...

I have a web server (2K3) sitting inside the DMZ which accesses data inside
the domain via the firewall. All the data, including the web site, resides on
the data server and is an in-house application. The executables runs on the
web server and fetches the data the customer ...

Hello;
I'm trying to set up a web app that accesses a SQL database on a second
server.  I want to use integrated security and have set the computer account
as trusted for delegation.  I know I need to use setspn to tell Active