We have an IIS site (MOSS 2007) that uses Windows Authentication. When a user that has forgotten their password tries to login the servers keeps sending 401 requests. This means on IE the user gets three prompts before IE displays a blank page, on Firefox the user is prompted over and over until they give up.
We would like to change the behavior so if a user fails to login three times in a row we send them a redirect to a different site, instead of another 401
Forms authentication is not an option; the site has to remain on windows authentication to allow for SSO capabilities and certain sharepoint functions.
Is there any way to tweak the IIS behavior to do this?
Best Answer
We managed to figure this out.
In IIS 7.0 the following changes need to be made to get custom HTML error pages to display:
Add the following to the Applications web.config after
Then run the command "appcmd unlock config -section:httpErrors" to stop IIS giving a 500 error from these changes