XFOR: MBS: Banned Chat Users Regain Access w/ Authentication

ID: q166722

The information in this article applies to:

SYMPTOMS

Membership Broker System (MBS) users who have been banned from an Internet Chat Server (ICS) Service Pack 1 (SP1) chat can end their session, start a new session and, regain entry to the chat from which they have been banned. The banned users regain entry by adding a space after their user name when authenticating.

CAUSE

When the authentication request comes in, the user name is stored in the SSPI filter as received from the client. Although the Broker service will strip off any spaces prior to submitting the name to the back end, allowing normal authentication, external calls for this piece of data take it from the filter area (as received).

STATUS

Microsoft has confirmed this to be a problem in Microsoft Commercial Internet System version 1.0. This problem has been corrected in the latest U.S. Service Pack for Microsoft Commercial Internet System version 1.0. For information on obtaining the Service Pack, query on the following article in the Microsoft Knowledge Base:

   ARTICLE-ID: Q183062
   TITLE     : MCIS 1.0 Service Packs 1 and 2 Information

MORE INFORMATION

All variants of Broker code (MCIS 1.0 and MCIS SP1) and authentication (DPA and MSN) with an MCIS 1.0 ICS do not have this problem. All variants of Broker code (MCIS 1.0 and MCIS SP1) and authentication (DPA and MSN) with an MCIS SP1 version of ICS do have this problem.

Additional query words: mbs sp2

Version           : WINNT: 1.0
Platform          : winnt
Hardware          : ALPHA x86
Issue type        : kbbug
Solution Type     : kbfix

Last Reviewed: December 7, 1998