|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Managing Virtual Directories in IISOur company uses network with a Domain Controller configured on Windows
Server 2008 with Active Directory and group policies implemented. All of our developers login from Domain controller on their machines and on local computers those users are member of "Standard User" group only. When we are logged in with local user on those machines we cannot manage (Add/Edit/Delete) the Virtual Directories in IIS installed on local computer. But when we login with Domain Administrator user on the same machine it gives all the options to manage Virtual Directories in IIS. We want to restrict the users to be member of "Standrad User" group only and can't include them in local Administrators group. How to overcome this problem of unable to manage Virtual Directories in IIS in the given scenario? For IIS 5.1 and IIS 6.0, IIS Manager includes a check to see whether the
user is in the local Administrators group (no requirement to be a Domain Admin per se). You can delegate change permissions to the IIS metabase (e.g. using Metabase Explorer to change the ACLs) but you will still need to use a tool other than IIS Manager to make the changes. Since IIS 6.0 uses XML for configuration storage, you could just change the NTFS permissions on that file and have your developers change the XML directly. Cheers Ken Show quoteHide quote "erohitv" <eroh***@discussions.microsoft.com> wrote in message news:D29EE437-B4E1-4ED5-97D7-D63E431E0380@microsoft.com... > Our company uses network with a Domain Controller configured on Windows > Server 2008 with Active Directory and group policies implemented. All of > our > developers login from Domain controller on their machines and on local > computers those users are member of "Standard User" group only. When we > are > logged in with local user on those machines we cannot manage > (Add/Edit/Delete) the Virtual Directories in IIS installed on local > computer. > But when we login with Domain Administrator user on the same machine it > gives > all the options to manage Virtual Directories in IIS. > > We want to restrict the users to be member of "Standrad User" group only > and > can't include them in local Administrators group. > > How to overcome this problem of unable to manage Virtual Directories in > IIS > in the given scenario? > > 
Other interesting topics
iis 6 ssl redirect initial login encrypted?
IIS requiring Client "Machine" Certificate... possible? Unable to access site with FQDN Restricting access from my site to other sites webpage permissions Sharing between server Client certificates Anonymous access Pop3 Service Login Failure using Local Windows Account Authenticat developer permissions management |
|||||||||||||||||||||||
