IIS 10 | CGI/Perl | NTLM Auth | No credentials are available in the security package (0x8009030e)

maybeonline

8/14/24, 10:34 AM

I have been blessed to take over an old application that is now giving me a headache as part of hardening measures.

Function of the Perl application: Query active directory groups to the current NTLM authenticated user. Display of certain links depending on assigned AD groups.

The Problem:

The Perl application is the only application running on the server. Therefore only one / default website configured in IIS.
Accordingly, an AppPool belongs to the website, which is maintained with a service AD user as identity (Since the application must communicate to the AD, the AppPoolIdentity was out of the question).
This setup works as long as the service user is in the local administrator group. As soon as I remove it from there, the calls fail with a 401 error:

No credentials are available in the security package (0x8009030e)

In all likelihood it will be something simple and stupid that I just can't figure out.... The error itself doesn't give many solutions, unfortunately.

0 + 1

windows

perl

cgi

ntlm

iis-10

Lex Li

8/14/24, 3:35 PM

Unfortunately people will have to see your code to ensure it wasn't written in a way that requires administrator permissions to run. You also need to edit the question to tell from where you got the 401 error (like a full screenshot).

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: IIS 10 | CGI/Perl | NTLM Auth | No credentials are available in the security package (0x8009030e)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.