PROPFIND from WebDAV clients to IIS recently gets 405

IIS

    Sponsored Links

    Next

  • 1. http header issue
    My IIS 6.0 servers leak version and install directory information. I want a general error message displayed notifying the end user that an error occurred and logged. I was told that this is a htrtp header issue and i can fix it with an ISAPi filter. I have never created an ISAPI filter before.
  • 2. Digest authentication for Windows domain servers - Active directory
    Hi, Our production apps running on Windows 2003 Server and most of our Applications are authenticated agains Active Directory. For couple of applications the "Digest authentication for Windows domain servers" option is selected so when users try to access those web applications the login window " ... at Digest requires a Username and Password" pops up to proivde credentials to get the access. But now we decided to remove that log in box and let the users directly access some of the pages with providing any log in information (only they click on Edit they need to provide the authentication information). So to make this happen I just went a head and un checked the "Digest authentication for Windows domain servers" option on IIS and it still pops the log in window and expecting the authentication needs to be provided. Is there a place I still need to be looking at under the properties on IIS for that application? Thanks, -L
  • 3. Failed to decrypt using provider 'CustomProvider'
    Running Vista Ultimate and VS 2008 Trying to use a private key to encrypt/decrypt the connection string have successfully run aspnet_regiis -pi have successfully run the aspnet_regiis -pa for the network service it will not run for aspnet when trying to debug my code i receive Failed to decrypt using provider 'CustomProvider'. can not decrypt the connection string - what do i need to do differently for IIS7?
  • 4. anonymous users accounts into Exchange 2007 OWA
    We have a Direct Path to our OWA box in the domain from the internet . What are the security vulnerables of having anonymous (many users share the same login and password) users. I amn also tring to explain the need for an ISA Box
  • 5. IIS Integrated Authentication with ADAM ?
    Hi We currently have an Intranet site hosted on our IIS server that is currently joined to the AD domain. Authentication is currently using 'Integrated Windows authentication'. We have the need to open this up to external users and for obvious reasons, want to move this IIS server to the DMZ and don't want it joined to the domain. I believe we need to utilise ADAM (i.e. Active Directory Application Mode) but really don't know where to start. Can anyone help? Do we need MIIS as well (sounds expensive from the basic research I've done). Is this an Infrastructure-only thing, or will we need development resource as well? Any starters-for-10 gratefully received.. Cheers, James

PROPFIND from WebDAV clients to IIS recently gets 405

Postby Van Ly » Sun, 06 Mar 2005 16:40:29 GMT

Hello,

I've been working with WebDAV on IIS 6 on a Windows 2003 Server box.  My 
client program and also other WebDAV clients such as DAVExplorer were able 
to connect and retrieve properties of files on the W03 box.

Recently our I.T. installed a bunch of security patches onto the box.  And 
the WebDAV clients that I use now get a 405 (Method Not Allowed) whenever 
they attempt a PROPFIND command on the server.  DAVExplorer actually 
doesn't even connect now since the first thing it normally does is to use 
PROPFIND to get a subdirectory listing.

Are there any settings on the Web share that I'm not aware of?  The Web 
share currently has Read/Write/Browse turned on.  The actual directory on 
an NTFS has Full Control granted to the "Users" group which should apply to 
all.

Thanks,
Van

Similar Threads:

1.PROPFIND produces 405 - Method Not Allowed Error

2.propfind webdav 'sploit in 2003 iis

Well,

some guy used webdav to change all the security settings 
on a brand new 2003 server install.

he created an admin account and disbabled access from the 
network for others.

I turned off anon access for ftp, which I can keep that 
way, and www, which I want anon access for eventually.

What else should I do?  Is there a patch out for this?  I 
ran windows update *prior* to this hack, and I've since 
run the baseline security analyzer.  I'm about as up to 
date as I can find.

TIA

Sample Log entry below

 2003-10-12 01:37:39 [ouripaddress] OPTIONS / - 80 - 
217.230.96.48 [<--dial up ip address not ours] Microsoft-
WebDAV-MiniRedir/5.1.2600 200 0 0
0 - 217.230.96.48 Microsoft-WebDAV-MiniRedir/5.1.2600 501 
0 0
#Software: Microsoft Internet Information Services 6.0

those times concurrent with the hack.

3.405 Error with WebDAV - affecting OWA

We've recently run the transition pack to move from SBS Premium to
seperate components, all still on the same server at present. Since
doing so we've been unable to use the Outlook Web Access premium
client. I've tracked this down to IIS returning a 405 HTTP Verb is not
allowed when a HTTP SEARCH request is made to IIS. The log file for IIS
shows the following:

2006-08-22 14:45:41 192.168.234.1 GET
/exchweb/6.5.7651.25/controls/tf_Messages.xsl - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Inbox/ -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE
/exchange/richardba/Calendar - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE
/exchange/richardba/Calendar - 80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks -
80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Calendar -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Tasks - 80
rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 rse\richardba
192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0

I'm not sure as to whether this is an issue in IIS or with Exchange
(hence posting similar question here and Exchange newsgroup)
As far as I can work out SEARCH is a WebDAV request - what is the best
way of checking if WebDAV is working correctly? And does anyone have
any ideas on how to rectify this?

Thanks,
--Richard Burns-Allan

DipComp DipIT BSc(Hons) MBCS
MCSA(2000 & 2003) MCSE(NT4, 2000, 2003) Security+

IT Systems Engineer
Ross-shire Engineering Limited

4.Propfind /Admin$ 404 Microsoft-WebDav-Miniredir /5.1.2600

I know I have been Hacked. I am trying to see were the 
hole is 
Does anyone know what vulnerabilty this is and how to 
patch it?

 "Propfind /Admin$ 404 Microsoft-WebDav-
Miniredir /5.1.2600"
Right under that in the same log file

"get /robots.txt -404 Mozilla/4.01 (compatible;+grub-
client-1.4.3;+crawl+your+own+Stuff+with=Http://grub.org

5.problem with webdav client Microsoft-WebDAV-MiniRedir

Hi
I have a problem with web dav client for 
xp:Microsoft-WebDAV-MiniRedir/5.1.2600 
It does not show the displayname but the url of folder, which is not the same.
This is what happens:
I've mappen the web dav drive to my network places. If i open explorer, 
browse to networkplaces and click on the drive. The subfolders displayname 
get the last part of the url as displayname and not the <displayname> property
If i make a shortcut and then opens it through that path, it uses "Microsoft 
Data Access Internet Publishing Provider DAV" which displays it correctly.
They recieve exactly the same response 

Is there any fix for this, and if not, can i force a certain client to be 
used always?





6. How to Resolve an HTTP 405 Resource not allowed Error in IIS

7. HTTP 405 Error / How to enable POST in IIS 6.0 to allow jscript to run

8. When i try to save something in Sharepoint 2003, error IIS 405 occ



Return to IIS

 

Who is online

Users browsing this forum: No registered users and 11 guest