Yes, I already did that; before I did , I was getting a completely different error. But thanks for the suggestion.

Hmm...actually, after looking at my W2K3 server, I don't even see this file (localstart.asp) in my root directory. Is this installed by default in W2K3?

J

Now that's an interesting question, katsarosj.

I certainly didn't install it myself, and the book I'm working from (Beginning ASP 3.0) assumes that the file *will* be there by default; but the book was written for W2000, not 2003. And my machine did have a 2000 installation on it before I installed 2003, so it's certainly possible that this file is actually a leftover from the 2000 install.

Nevertheless, it is supposed to be possible to run 'classic' ASP on W2003, I understand; and the security error occurs on a the first GetObject call in the ASP script, which is:

Set infoobj=GetObject("IIS://localhost/w3svc/info")

That hardly seems a very contentious thing to do.

I found a suggestion on another forum that offered a work-round to this problem by creating an alternative website with a different default user, then making that user a Local Administrator; but that does not seem a satisfactory solution if one wants to use a normal ASP on a normal network, and does not want to give every internet user Admin privileges.

So I decided to take it to the book's own forum.

Thanks for your suggestions, they're making me think - which is always a good thing.

I have seen these files on Windows 2000 machines that I install. If this is an upgrade, I wonder if that is the problem - that it is just leftover from W2K. Have you tried creating a simple "Hello World" ASP page to see if it is working?

J

Yes, I did that and it works OK. The error specifically occurs when the GetObject method is called in the ASP. It does seem to be to do with the anonymous user not having enough authority to execute that object, or else perhaps to access the folder structure & file where the object is trying to go. As I mentioned, when I access it as a file rather than through http, it is presumably using my own userid (a local admin) and so works OK.

I am also suffering the same problem with Win2003 server and the "Unable to fetch collection Global" error.

I have hunted high and low for anything that mught relate to this problem but so far have been unable to find a relevant solution. So if anyone can shed any light on this you would make a lot of people very happy.

I had the same error with the default IIS page

the default setup on W2K Pro/server WinXP and Windows Server 2003
is that the localstart.asp, requires integrated authentication on and anonymous access turned off, just right click on the file itself in the IIS admin tool and go into properties and set the security as i specified here

if you have modified the access rights try setting them back

if you are trying to use a webserver with a FAT file system i recommend you don't

Thanks, markm1701 - that worked, and I can now get the ASP to come up.

Thanks very much indeed. Could you possibly explain roughly what this has done? I understand that it means that I am now accessing this ASP through my own userid rather than the anonymous Internet one, but why does this matter?

I have other ASP pages (part of a packaged product) that already work OK on this machine, with Anonymous Access turned on for them - what is the thing that makes the difference, do you know, please?

If we ever meet, I owe you a pint!

zippo

Integrated authentication requests that the browser sends the user information of the person logged into the PC

as your conencting to your own machines website it recognizes you as an administrator

if you use integrated authentication and the user does not match a known account on the machine/domain of the webserver it will prompt you to login

the reason that localstart needs this is that their is a request to search the IIS metabase using ADSI
find a list of default documents, that call fails without integrated authentication enabled, because the IUSR_<machinename> account (anonymous access account) does not have sufficient rights

here is the code that causes the failure




'Using ADSI, get the list of default documents for this Web site.

sPath = "IIS://" & sServername & "/W3SVC/" & sServerinst
Set oDefSite = GetObject(sPath)
sDefDoc = LCase(oDefSite.DefaultDoc)
aDefDocs = split(sDefDoc, ",")

Thanks for the explanation, markm.

I had been trying to go at it from the other side, increasing the authority level of the IUSR userid, and that didn't seem to work well - but yours is clearly a more secure way of doing things anyway.

Thanks again.

:)