Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Users are unable to open or create Web folder for restricted FrontPage Web


View products that this article applies to.

This article was previously published under Q230169

↑ Back to the top


Symptoms

After you create a FrontPage Web that is set to Only registered users have browse and you add an account with Author or Administer permission, users cannot create a Web Folder for this Web or open the Web in FrontPage 2000 or any other Microsoft Office 2000 application. This problem occurs for IIS Web servers running version 4.0.2.2717 of the FrontPage 2000 Server Extensions. The user receives multiple authentication dialogs that never authenticate, and eventually, one of the following error messages occurs:
You do not have permission to access this Web Folder location.
You are not authorized to perform the current operation.

↑ Back to the top


Cause

The problem occurs because when the Web is set to Only registered users have browse, the Everyone group is removed from the access control lists on the Web, and access to _vti_pvt is restricted. In this case, FrontPage fails to write the Network and Interactive groups to the _vti_pvt folder. This restriction prevents the valid user from opening the Web or creating a Web Folder because access to the configuration files in _vti_pvt are required in order to perform the operation.

↑ Back to the top


Workaround

To work around this problem, add the Network and Interactive groups to the _vti_pvt folder. This is achieved by performing a Check Server Extensions. On the IIS 4.0 Web server where the Web was created, do the following:
1.On the IIS 4.0 Web server, click Start, point to Programs, point to Windows NT 4.0 Option Pack, point to Microsoft Internet Information Server, and then click Internet Service Manager.
2.Under Internet Information Server, select the computer name, and click the Virtual Server where the restricted subweb resides.
3.Right-click the Virtual Server, point to Task, and click Check Server Extensions. When asked to tighten security as much as possible for all FrontPage Webs, click Yes.
4.After you complete the Check Server Extensions, the Web will be accessible by the user. Also, if the permissions for the _vti_pvt folder for the Web are viewed in Windows Explorer, the Network and Interactive groups are listed.

To avoid fixing this problem for other new subwebs, use the following steps:
1.Open the root Web for the Virtual Server in FrontPage.
2.On the Tools menu, point to Security, and click Permissions.
3.On the Groups tab, click Everyone, click Remove, and then click OK.
4.Click Tools, click Security, and then click Permissions. On the Users tab, select Everyone has browse access and click OK.
5.When permissions are propagated to new subewbs, the new permissions on the root Web are initially inherited. This step helps to ensure the correct permissions are inherited when creating a new subweb.

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the FrontPage 2000 Server Extensions.

↑ Back to the top


Keywords: KB230169, kbpending, kbbug, kbopenfile, kbweb, kberrmsg, , kbpermissions

↑ Back to the top

Article Info
Article ID : 230169
Revision : 3
Created on : 2/22/2007
Published on : 2/22/2007
Exists online : False
Views : 409