1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IUSR Account

Discussion in 'Internet, Connectivity and Communications' started by _omni_, May 20, 2006.

  1. _omni_

    _omni_ Megabyte Poster

    647
    10
    62
    Not sure if this is the right forum for this...


    I'm having an argument at another forum about the IUSR account, and want to see what people here think.

    The question is: Is the IUSR_servername account (when in use) a member of the Anonymous Logon group?

    The other guys are saying that it is a member of Anonymous Logon (AL) because the user accesses the website anonymously, without entering any username or pwd.

    However, my argument is that in order for the IUSR account to be used (by x client accessing the website) it (IUSR) must authenticate, the act of which causes it to be added to the Authenticated Users (AU) group.

    Now by definition, no account that is a member of AU may be a member of AL. Therefore I say it becomes an authenticated user, even though the client using that user account remains anonymous to yourself.

    What do you all think?

    Here is the link to the original thread, if you want to see what has been said so far. (From the 2nd half of my 3rd post onwards, especially page 2.)
     
    Certifications: MCSE 2003, MCSA:M
  2. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    810
    0
    39
    http://www.microsoft.com/technet/technetmag/issues/2006/05/ServingTheWeb/default.aspx (see #4)
     
  3. Modey

    Modey Terabyte Poster

    2,397
    99
    154
    I could be wrong d, but I don't think that point 4 in your link actually answers Omni's question.

    Useful info though, thanks. :)
     
    Certifications: A+, N+, MCP, MCDST, MCSA 2K3, MCTS, MOS, MTA, MCT, MCITP:EDST7, MCSA W7, Citrix CCA, ITIL Foundation
    WIP: Nada
  4. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    810
    0
    39
    it doesn't? oh, uhm... granted, it doesn't spell it out, but i thought it was pretty obvious. no, the iusr account is not a member of the anonymous logon group, and yes, the iusr account is a member of the authenticated users group. and one can use w3who.dll to verify. am i missing something? :blink
     
  5. _omni_

    _omni_ Megabyte Poster

    647
    10
    62
    I tried to find somewhere to download that w3who.dll from because like that I could have proven it, but the Microsoft link is broken and I don't have Win2K.

    However good link, I'm sure I will be able to use it against them. :twisted:
     
    Certifications: MCSE 2003, MCSA:M
  6. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    810
    0
    39
    yeah, they pulled it off the web site because it contained several vulnerabilities. still, i'm sure it's floating around somewhere on the web.
     

Share This Page

Loading...