Internet Explorer 5.0 Fails to Pass Session Variables to IIS

ID: Q231453

The information in this article applies to:
  • Microsoft Internet Explorer version 5 for Windows NT 4.0
  • Microsoft Internet Information Server version 4.0
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SYMPTOMS

When you attempt to post a form through ASP to a Microsoft IIS 4.0 computer with Internet Explorer 5.0 and session variables used in the POST to the server, the session variables may not display in the browser, as in previous versions of Internet Explorer .


CAUSE

Internet Explorer 5.0 has added a feature called NTLM pre-authorization. When an Internet Explorer 5.0 browser connects to an IIS 4.0 Web site that uses NTLM security, Internet Explorer 5.0 negotiates security. If an NTLM challenge is received, these credentials are used for any subsequent request for that Web site. In this case, when an Internet Explorer 5.0 browser connects, it receives an NTLM challenge, but when a sub folder on the same Web site does not use NTLM, no challenge is received by Internet Explorer 5.0, which causes the browser to not send the POST data to the server.


RESOLUTION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

  1. Start Registry Editor (Regedt32.exe).


  2. Locate the following key in the registry:


    3. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\InternetSettings
  3. On the Edit menu, click Add Value, and then add the following registry value:


    4. Value Name: DisableNTLMPreAuth
    Data Type: REG_DWORD
    Value: 1
  4. Quit Registry Editor.



STATUS

Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article.


MORE INFORMATION

This problem only occurs when you use Internet Explorer to connect to an IIS 4.0 computer where NTLM security is placed on the parent virtual directory and anonymous security is placed on any sub directory below the parent directory.

Additional query words:

Keywords :
Version : WINDOWS:5; winnt:4.0
Platform : WINDOWS winnt
Issue type : kbprb


Last Reviewed: October 28, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.