Article ID: 332142 - View products that this article applies to.
This article was previously published under Q332142
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspxFor more information about IIS 7.0, visit the following Microsoft Web site:
When cached content or an ISAPI extension located on a UNC share and hosted on Internet Information Services (IIS) is requested with NTLM authentication, users may see inconsistent results. In some situations the content is served, but in other situations the user receives the following error message, even if the user is the same:
Access denied by ACL on resource
When an IIS server contains content or an ISAPI extension that is located on a UNC share without delegation, an NTLM-authenticated request to that IIS server is unsuccessful on the first attempt. The request succeeds after a successful Basic-authenticated request. You may experience similar behavior for requests for other types of content.
The sequence of events that causes this behavior for an ISAPI extension is as follows:
(http://support.microsoft.com/kb/228836/ )Installing a new certificate with Certificate Wizard for use in SSL/TLS
For more information about LoadLibrary, visit the following Microsoft Developer Network (MSDN) Web site:
LoadLibraryFor more information about AccessCheck, visit the following MSDN Web site:
AccessCheckFor more information about IIS authentication and why NTLM delegation fails, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/264921/ )How IIS authenticates browser clients
Article ID: 332142 - Last Review: July 7, 2008 - Revision: 5.2