Security Basics mailing list archives
PKI Problem... again
From: Alvey Robert W KPWA <AlveyRW () kpt nuwc navy mil>
Date: Wed, 31 Mar 2004 15:44:55 -0800
Okay, back with some more info. System: Windows 2000 w/ IIS 5.0 Here's the problem: I've got a web server that I'm moving over to require PKI authentication to access the web site. However, when I do this the first time someone tries to connect to the site, IIS hangs. The Application Event Log says this is a SCECLI 1202 event, which says I've got some user accounts (two in my case) that no longer exist locally or on the domain, but do exist in some group policy and because of that they can't be mapped to SIDs, which causes the whole process to go kaput. I can't reach a solution because I've followed the directions on Microsoft's site (http://support.microsoft.com/default.aspx?scid=kb;en-us;324383), but the user names that can't be mapped are not in any GPOs. Anyone know how I can get around this issue? --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- PKI Problem... again Alvey Robert W KPWA (Apr 01)