FP97: FrontPage Requires Allow Anonymous or No NTLM on IIS

• Microsoft FrontPage 97 for Windows with Bonus Pack

SYMPTOMS

When you try to connect to a Microsoft Internet Information Server (IIS) 1.0, you may receive the following error message

   You are authoring against an IIS 1.0 web server, which is
   configured to support only Windows NT Challenge\Response
   authentication. To use FrontPage against this web you must
   configure the server to use Basic (Clear Text) authentication.

CAUSE

Use of the NT Challenge\Response authentication header is made possible because FrontPage 97 can function as an ISAPI dll on an IIS 2.0 server.

FrontPage 97 does not install an ISAPI version of its extensions on an IIS 1.0 server because of irregularities in the IIS 1.0 implementation of ISAPI. FrontPage 97 cannot detect the server version until after it successfully retrieves a page or hits a script. In order to get the initial list, FrontPage must access the server as the anonymous Internet Guest account (IUSR_<machine_name>). If the server extensions can get the initial list of files from the IIS 1.0 server as the anonymous account, FrontPage can then accurately tailor its response to the IIS 2.0 server. However, if the anonymous account is denied access to fetch the list of Webs on the server, then the presence of the NT Challenge\Response in the www- authenticate header forces the FrontPage 97 client to display the error message.

RESOLUTION

To author or administer a FrontPage web on an IIS 1.0 server, do either of the following:

• Disable NT Challenge\Response Authentication

      -or-
  

• Enable the Allow Anonymous option

STATUS

Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article.

The FrontPage 97 installation routine on an IIS 1.0 server will enable Basic Authentication in if it is not enabled at installation time. This problem does not occur on IIS 2.0 servers.