Hello, I've been working with WebDAV on IIS 6 on a Windows 2003 Server box. My client program and also other WebDAV clients such as DAVExplorer were able to connect and retrieve properties of files on the W03 box. Recently our I.T. installed a bunch of security patches onto the box. And the WebDAV clients that I use now get a 405 (Method Not Allowed) whenever they attempt a PROPFIND command on the server. DAVExplorer actually doesn't even connect now since the first thing it normally does is to use PROPFIND to get a subdirectory listing. Are there any settings on the Web share that I'm not aware of? The Web share currently has Read/Write/Browse turned on. The actual directory on an NTFS has Full Control granted to the "Users" group which should apply to all. Thanks, Van
PROPFIND from WebDAV clients to IIS recently gets 405
1 posts
• Page 1 of 1
Sponsored Links
- 1. W2k3 IIS6 Basic auth over domain
Hi! Im trying to get basic authentication work in IIS6. I have checked the basic auth box in settings and selected domain and realm but when i try to access the site I have to specify the username in the DOMAIN\USERNAME format or else I'm denied access. I've also tried this on an WinXP workstation with the same result. Furthermore I've tried NOT to specify domain and realm (just checked the basic auth box), and again specefying username inte the DOMAIN\USERNAME format let's one access the site. What does the domain/realm setting do actually? Is it possible to autenticate domain users for a IIS site using only username and password? /Ulrik - 2. Secure IIS Management Interface
Anyone know if it is possible to lock down the IIS 6 Manager interface? I need to have underprivileged users have the ability to manage IIS and nothing else on several servers in a web farm. Also any possibility of locking it down to read only access? Thanks, Brian - 3. Microsoft support for XPointer and XLink
Microsoft support for XPointer and XLink what micrsoft technologies support XPointer and XLink? - 4. HTTP to HTTPS
This sounds like a simple question, but I'm getting a little confused If I have page X as HTTP and post to page Y which is HTTPS, is the data sent encrypted? And vice versa, if page Y (HTTPS) posts to page X (HTTP). I generally have both pages (X and Y) in HTTPS, which sorts out my issue. But here I'm a little confused. Any help? Thanks - 5. hardening web server
Is there a standard security template that comes with IIS to harden it? Anythin like securedc.inf?
Next
PROPFIND from WebDAV clients to IIS recently gets 405
by Van Ly » Sun, 06 Mar 2005 16:40:29 GMT
Similar Threads:
1.PROPFIND produces 405 - Method Not Allowed Error
2.propfind webdav 'sploit in 2003 iis
Well, some guy used webdav to change all the security settings on a brand new 2003 server install. he created an admin account and disbabled access from the network for others. I turned off anon access for ftp, which I can keep that way, and www, which I want anon access for eventually. What else should I do? Is there a patch out for this? I ran windows update *prior* to this hack, and I've since run the baseline security analyzer. I'm about as up to date as I can find. TIA Sample Log entry below 2003-10-12 01:37:39 [ouripaddress] OPTIONS / - 80 - 217.230.96.48 [<--dial up ip address not ours] Microsoft- WebDAV-MiniRedir/5.1.2600 200 0 0 0 - 217.230.96.48 Microsoft-WebDAV-MiniRedir/5.1.2600 501 0 0 #Software: Microsoft Internet Information Services 6.0 those times concurrent with the hack.
3.405 Error with WebDAV - affecting OWA
We've recently run the transition pack to move from SBS Premium to seperate components, all still on the same server at present. Since doing so we've been unable to use the Outlook Web Access premium client. I've tracked this down to IIS returning a 405 HTTP Verb is not allowed when a HTTP SEARCH request is made to IIS. The log file for IIS shows the following: 2006-08-22 14:45:41 192.168.234.1 GET /exchweb/6.5.7651.25/controls/tf_Messages.xsl - 80 - 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 200 0 0 2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Inbox/ - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 405 0 0 2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Calendar - 80 - 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 401 2 2148074254 2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Calendar - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 200 0 0 2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks - 80 - 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 401 2 2148074254 2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 200 0 0 2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Calendar - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 405 0 0 2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Tasks - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 405 0 0 2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 - 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 401 2 2148074254 2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 rse\richardba 192.168.234.125 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) 200 0 0 I'm not sure as to whether this is an issue in IIS or with Exchange (hence posting similar question here and Exchange newsgroup) As far as I can work out SEARCH is a WebDAV request - what is the best way of checking if WebDAV is working correctly? And does anyone have any ideas on how to rectify this? Thanks, --Richard Burns-Allan DipComp DipIT BSc(Hons) MBCS MCSA(2000 & 2003) MCSE(NT4, 2000, 2003) Security+ IT Systems Engineer Ross-shire Engineering Limited
4.Propfind /Admin$ 404 Microsoft-WebDav-Miniredir /5.1.2600
I know I have been Hacked. I am trying to see were the hole is Does anyone know what vulnerabilty this is and how to patch it? "Propfind /Admin$ 404 Microsoft-WebDav- Miniredir /5.1.2600" Right under that in the same log file "get /robots.txt -404 Mozilla/4.01 (compatible;+grub- client-1.4.3;+crawl+your+own+Stuff+with=Http://grub.org
5.problem with webdav client Microsoft-WebDAV-MiniRedir
Hi I have a problem with web dav client for xp:Microsoft-WebDAV-MiniRedir/5.1.2600 It does not show the displayname but the url of folder, which is not the same. This is what happens: I've mappen the web dav drive to my network places. If i open explorer, browse to networkplaces and click on the drive. The subfolders displayname get the last part of the url as displayname and not the <displayname> property If i make a shortcut and then opens it through that path, it uses "Microsoft Data Access Internet Publishing Provider DAV" which displays it correctly. They recieve exactly the same response Is there any fix for this, and if not, can i force a certain client to be used always?
6. How to Resolve an HTTP 405 Resource not allowed Error in IIS
7. HTTP 405 Error / How to enable POST in IIS 6.0 to allow jscript to run
8. When i try to save something in Sharepoint 2003, error IIS 405 occ
1 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 33 guest