Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


March 2004

Fixing FrontPage 2002 Connection Failures


From the March 2004 Edition
of Windows IT Pro
Sean Daily
Tricks & Traps
InstantDoc #41562
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
Subscribe to Windows IT Pro | See More Windows 2000 Articles Here | Reprints | Or get the Monthly Online Pass—only $5.95 a month!

Our company just migrated to a new Web server, on which we've installed Microsoft FrontPage 2002 Server Extensions. These extensions are necessary because several of our users use FrontPage to author remotely to our Web server. This scenario worked fine with our old server, but our remote users can't connect to the FrontPage extensions or do any authoring on the new server. The problem seems to involve authentication, and when I give these users the ability to log on to the server through Windows 2000 Server Terminal Services, they can run FrontPage and author pages with no problem. I can't have users logging on to the server on a regular basis, so I need to solve this problem. Do you have any ideas?

I've run into this problem before; it relates to the security restrictions in effect on the server. Specifically, the person who configured your server probably set the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey's RestrictAnonymous value to 2, either manually or through the use of Win2K's High Security security template. (The Microsoft article "How to Use the RestrictAnonymous Registry Value in Windows 2000" at http://support.microsoft.com/?kbid=246261 thoroughly describes this registry value.) This setting effectively removes the Everyone group from the access token that nonauthenticated users (i.e., users who don't log on with a valid user account from the server's local user accounts database or the server's domain user accounts database) use to access the server. The result is that these accounts are denied access to certain system resources that typically are accessible under different RestrictAnonymous values (i.e., values of 0 or 1). Although a RestrictAnonymous value of 2 creates a more secure system, which is certainly desirable for any server, and particularly a public Internet server such as yours, the setting can interfere with certain services and applications. FrontPage is one of these applications (and the need to use a less secure RestrictAnonymous value is just one of the reasons that using FrontPage on a public server introduces security risks).

To resolve the problem, change the RestrictAnonymous value to 1. You can also adjust this setting through the Microsoft Management Console (MMC) Group Policy Editor (GPE) snap-in, which enumerates the setting as the Additional restrictions for anonymous connections policy under Local Computer Policy\WindowsSettings\Security Settings\Local Policies\Security Options, as Figure 1 shows. The registry values of 0, 1, and 2 map to the policy settings of None. Rely on default permissions; Do not allow enumeration of SAM accounts and shares; and No access without explicit anonymous permissions, respectively.

End of Article

Reader Comments
We have RestrictAnonymous set to 2 and are able to use FrontPage extensions from any computer. We set permissions through FrontPage (version 2003) by clicking on Tools, Server, Permissions. When you click Add in this dialog box, it appears that you only have access to local server accounts and no domain accounts (left-hand Names list). However, we just type in the domainname\username in the Add Names box and these security principals are able to perform whatever web actions we've allowed. Our web server is W2K SP4.

Tom Bloom April 28, 2004

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
Friday at PASS Europe 2006

Kevin talks about the closing day of the event and shares a funny Microsoft film. ...

More fun TechEd 2005 Resources

Kevin points out some more TechEd resources ...

WinInfo Short Takes: Week of October 13, 2008

An often irreverent look at some of the week's other news... ...
IIS and Web Administration Whitepapers The Five Secrets to Controlling Your SharePoint Environment

Extended Validation SSL Certificates

A Preliminary Look at Deployment Plans for Microsoft Windows Vista
Related Events Check out our list of Free Email Newsletters!
Windows OSs eBooks Understanding and Leveraging Code Signing Technologies

Keeping Your Business Safe from Attack: Monitoring and Managing Your Network Security

Electronic Design's Guide To New International Environmental Laws
Related FrontPage Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.

Job Openings in IT

ADS BY GOOGLE SPONSORED LINKS FEATURED LINKS

Microsoft Exchange & Windows Connections event returns to Las Vegas Nov 10 - 13
Connections returns to Las Vegas for this exciting event where each attendee will receive SQL Server 2008 standard with 1 CAL. Co-located with Microsoft ASP.NET, SQL Server, and SharePoint Connections with over 250 in-depth sessions.

Free Online Event! Virtualization:Get the Facts!
Register now and attend this free, live in-depth online conference on November 13 and 20, 2008, produced by Windows IT Pro. All registrants are eligible to receive a complimentary one-year digital subscription to Windows IT Pro (a $49.95 value)!

Check Out Hyper-V Video on ITTV
Watch Karen Forster's interview on Hyper-V's performance on ITTV.net.

Ease Your Scripting Pains with the Flexibility of PowerShell!
Join MVP Paul Robichaux on December 11, 2008 at 11:00 AM EDT as he equips you with PowerShell basics in 3 introductory lessons, each followed by a live Q&A session—all on your own computer!

Latest Advancements in SSL Technology
There are a variety of different kinds of SSL to explore to ensure customer data is kept confidential and secure. In this paper, we will discuss some of these SSL advances to help you decide which would be best for your organization.

PASS Community Summit 2008 in Seattle on Nov 18-21
The don’t-miss event for Microsoft SQL Server Professionals. Register now and you’ll enjoy top-notch Microsoft and Community speakers and more.



Solving PST Management Problems
In this white paper, read about the top PST issues and how to administer local/network PST Files.

Get Protected -- Data Protection Manager 2007
Protect your virtualized environment with Data Protection Manager

Order Your SQL Fundamentals CD Today!
Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.

Maximize Your SharePoint Investment: Get Your Data Moving
Watch this web seminar now to learn how to maximize your SharePoint investment! Join us as we take a look at the complex business of securing, accessing and managing vast amounts of information in a global network and various ways to get your data moving.
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing