|
Posted by Roger Abell [MVP] on June 29, 2006, 10:11 pm
Please log in for more thread options I should have thought of this before.
Have him go to the User Accounts applet in control panel,
highlight his account and then access the link to manage
network passwords to see if there are cached credentials
stored there.
>
>> Have them check in IE under Tools / Internet Option, on Security tab,
>> with appropriate zone highlighted (Intranet?) click on Custom and scroll
>> to the User Authentication section at the bottom. There they should have
>> selected Prompt for user name and password
>> It is also possible that the dev server is seen as being in Intranet zone
>> on the one person's PC but in Internet by the rest.
>> --
>> Roger Abell
>> Microsoft MVP (Windows Server : Security)
>
> Thanks Roger. He says that:
>
> "I went to all the "zones"
> and required login for each. Then clear everything I can think of, open a
> new window, type in ftp://thewebsite.com and I'm in."
>
> BTW: He's not connect on the intranet. This is a server in a colo cabinet
> and there's no locally connected users. The user in question is connecting
> over a cable connection from his house to the colo facility 1000 miles
> away.
>
> Is there any chance a proxy server could be passing authentication creds
> on his behalf? I wouldn't think that's possible but...
>
>
>>
>>
>>> Hi All:
>>>
>>> I have a server running 2003 std. ed. with sp1. It's running web
>>> services with a single website and ftpsite configured on it.
>>>
>>> This is a development server, so neither the website nor the FTP site
>>> allow anonymous access. The FTP site was set up without "user
>>> isolation".
>>>
>>> I have one developer working on this site, connecting to this server
>>> remotely from an xp pro sp2 computer, who claims that they never get a
>>> login prompt when they connect using Internet Explorer. A long time ago
>>> they probably checked "remember password" when prompted for their login
>>> credentials.
>>>
>>> If I browse to the server in IE, either with http or ftp, I receive a
>>> windows login prompt, as do other people who have tried to connect
>>> without passing the credentials in the URL string (for ftp).
>>>
>>> The developer claims that they've done everything they can in Internet
>>> Options to remove the "remembered" login, including deleting their
>>> cache, cookies, history and clearing the password cache in
>>> "autocomplete". The only other software they use to interact with the
>>> server Visual Studio Ent. Ed. ver. 6 (the old Visual Studio).
>>>
>>> This is a problem because occasionally HTML mail gets sent from this
>>> server with URLs referencing images on a public server...if the URLs
>>> accidentally point to the development server, someone viewing the mail
>>> in OE gets a login prompt when they try to view the mail. The problem
>>> is, the developer never sees that happen (he just sees the email without
>>> any errors).
>>>
>>> Is there any place else that his login credentials would be stored on
>>> his computer where they could be removed? Or is there some other
>>> explanation to this phenomenon?
>>>
>>> TIA!
>>>
>>
>>
>
>
| 
XML Sitemap