Authentication for UNC Shares

Applies To: Windows Server 2003, Windows Server 2003 with SP1

The UNC authentication method, also called UNC Passthrough authentication, determines the credentials to be used for gaining access to a UNC share on a remote computer. In IIS 6.0, UNC authentication works by looking at the request user and the credentials stored in the UNCUserName Metabase Property and UNCPassword Metabase Property to determine the credentials to pass through to the computer with the UNC share.

If you use IIS Manager to create a Web site or virtual directory and specify a UNC path for the content, IIS Manager prompts you to type a user name and password for the network resource. If you specify a user name and password, the UNCUserName and UNCPasswordmetabase properties are set.

If UNCUserName is specified (not empty) and UNCPassword is valid, the metabase user credentials are sent as the user identity for access to the remote share. If UNCUserName is specified (not empty) and UNCPassword is not valid, a 500.13 error (Internal Server Error: Invalid Username or Password) is sent to the client.

If UNCUserName is empty, the credentials of the request user — which can be either an authenticated set of credentials for authenticated requests or IUSR_computername credentials for anonymous requests — are sent as the user identity for access to the remote share. In other words, by default in IIS 6.0, you do not need to specify user name and password credentials.

For more information about enabling UNC authentication, see Securing Virtual Directories.