Vulnerability in EPiServer.Forms
I've just upgraded an EPiServer 4.6 site from .NET 1.1 to .NET 2.0. I also transfered the site to IIS7.
Now when I try to login with an EPiServer user or an Extranet user, the user gets validated BUT the principal always becomes "MyComputerName\Guest".
If I login with my windows account it works correctly.
Does anyone know where to start digging? This has haunted me for couple of days now...
Thanks to EPi-support who found the soloution! The windows guest account must be inactivated, otherwise it won't work.