"psychogenic" <angryl***@gmail.com> wrote in message
news:1142266858.900163.228620@z34g2000cwc.googlegroups.com...
: Does Visual Interdev use an account to gain access to a remote web
: server or does IIS treat it as an anonymous guest user? We have web
: developers who insist on having FPSE installed on the production server
: but the problem is we also have other people in our WAN who have
: Interdev installed (other subnets) and can reach and read source codes
: on the server. This of course is a big issue with them but they also
: don't want to lose FPSE. In the past I've always had web teams install
: FPSE on an anonymous test server and then ftp/copr-n-paste their
: changes onto the production site but in this situation it looks like I
: can't do that... yet. How do you all lock down FPSE if it were placed
: on a web server that's public and accessible to the public? :(
:

> Hi,
>
> The answer to this question depends on which version of FPSE you are using.
>
> For FPSE2000 (which ships with IIS5.0), the configuration of FPSE offers to
> create three local groups (admins, authors and browsers). If you do not
> choose to create these groups, you can run into problems such as what you
> are experiencing. You should create these groups, and place the necessary
> users into each group. FPSE2000 uses NTFS permissions to control access to
> files. Provided you create the groups, and the other users are not in the
> Authors or Admins group, they won't be able to get access to source code.
>
> For FPSE2002 (which ships with IIS6.0, and can be installed on IIS5.0 as
> well), you can either use Window accounts or non-Windows accounts to control
> access. Again, ensuring that not everyone has access to source does rely on
> configuring this properly.
>
> Cheers
> Ken
>
> "psychogenic" <angryl***@gmail.com> wrote in message
> news:1142266858.900163.228620@z34g2000cwc.googlegroups.com...
> : Does Visual Interdev use an account to gain access to a remote web
> : server or does IIS treat it as an anonymous guest user? We have web
> : developers who insist on having FPSE installed on the production server
> : but the problem is we also have other people in our WAN who have
> : Interdev installed (other subnets) and can reach and read source codes
> : on the server. This of course is a big issue with them but they also
> : don't want to lose FPSE. In the past I've always had web teams install
> : FPSE on an anonymous test server and then ftp/copr-n-paste their
> : changes onto the production site but in this situation it looks like I
> : can't do that... yet. How do you all lock down FPSE if it were placed
> : on a web server that's public and accessible to the public? :(
> :

"psychogenic" <angryl***@gmail.com> wrote in message
news:1142361043.090261.146810@z34g2000cwc.googlegroups.com...
: Yes, its version 2000 (its on IIS 5.0). As it is set now, the Everyone
: group is currently given Browser role. However, anyone with Interdev
: installed can still read the source codes.
:
: Ken Schaefer wrote:
: > Hi,
: >
: > The answer to this question depends on which version of FPSE you are
using.
: >
: > For FPSE2000 (which ships with IIS5.0), the configuration of FPSE offers
to
: > create three local groups (admins, authors and browsers). If you do not
: > choose to create these groups, you can run into problems such as what
you
: > are experiencing. You should create these groups, and place the
necessary
: > users into each group. FPSE2000 uses NTFS permissions to control access
to
: > files. Provided you create the groups, and the other users are not in
the
: > Authors or Admins group, they won't be able to get access to source
code.
: >
: > For FPSE2002 (which ships with IIS6.0, and can be installed on IIS5.0 as
: > well), you can either use Window accounts or non-Windows accounts to
control
: > access. Again, ensuring that not everyone has access to source does rely
on
: > configuring this properly.
: >
: > Cheers
: > Ken
: >
: > "psychogenic" <angryl***@gmail.com> wrote in message
: > news:1142266858.900163.228620@z34g2000cwc.googlegroups.com...
: > : Does Visual Interdev use an account to gain access to a remote web
: > : server or does IIS treat it as an anonymous guest user? We have web
: > : developers who insist on having FPSE installed on the production
server
: > : but the problem is we also have other people in our WAN who have
: > : Interdev installed (other subnets) and can reach and read source codes
: > : on the server. This of course is a big issue with them but they also
: > : don't want to lose FPSE. In the past I've always had web teams install
: > : FPSE on an anonymous test server and then ftp/copr-n-paste their
: > : changes onto the production site but in this situation it looks like I
: > : can't do that... yet. How do you all lock down FPSE if it were placed
: > : on a web server that's public and accessible to the public? :(
: > :
:

> Who is in the Author and Admin groups?
>
> If you right-click on the website in the IIS Manager, there is an option to
> "tighten FPSE security" which you can run to fix up NTFS ACLs.
>
> Just becuase someone has Interdev doesn't mean they should be able to view
> source-code. Permissions are checked on the server, regardless of the type
> of client connecting.
>
> Cheers
> Ken
>
>
> "psychogenic" <angryl***@gmail.com> wrote in message
> news:1142361043.090261.146810@z34g2000cwc.googlegroups.com...
> : Yes, its version 2000 (its on IIS 5.0). As it is set now, the Everyone
> : group is currently given Browser role. However, anyone with Interdev
> : installed can still read the source codes.
> :
> : Ken Schaefer wrote:
> : > Hi,
> : >
> : > The answer to this question depends on which version of FPSE you are
> using.
> : >
> : > For FPSE2000 (which ships with IIS5.0), the configuration of FPSE offers
> to
> : > create three local groups (admins, authors and browsers). If you do not
> : > choose to create these groups, you can run into problems such as what
> you
> : > are experiencing. You should create these groups, and place the
> necessary
> : > users into each group. FPSE2000 uses NTFS permissions to control access
> to
> : > files. Provided you create the groups, and the other users are not in
> the
> : > Authors or Admins group, they won't be able to get access to source
> code.
> : >
> : > For FPSE2002 (which ships with IIS6.0, and can be installed on IIS5.0 as
> : > well), you can either use Window accounts or non-Windows accounts to
> control
> : > access. Again, ensuring that not everyone has access to source does rely
> on
> : > configuring this properly.
> : >
> : > Cheers
> : > Ken
> : >

"psychogenic" <angryl***@gmail.com> wrote in message
news:1142438428.765428.320520@i39g2000cwa.googlegroups.com...
: Hmmm, I don't see anywhere within the admin pages to view who are in
: the Admin and Author groups. From the Users and Roles section, I see
: Change anon access settings, and Click here to add or delete accounts,
: Manage Users, Roles, and Send an invitation, but nothing that I can see
: which manages groups.
:
: Ken Schaefer wrote:
: > Who is in the Author and Admin groups?
: >
: > If you right-click on the website in the IIS Manager, there is an option
to
: > "tighten FPSE security" which you can run to fix up NTFS ACLs.
: >
: > Just becuase someone has Interdev doesn't mean they should be able to
view
: > source-code. Permissions are checked on the server, regardless of the
type
: > of client connecting.
: >
: > Cheers
: > Ken
: >
: >
: > "psychogenic" <angryl***@gmail.com> wrote in message
: > news:1142361043.090261.146810@z34g2000cwc.googlegroups.com...
: > : Yes, its version 2000 (its on IIS 5.0). As it is set now, the Everyone
: > : group is currently given Browser role. However, anyone with Interdev
: > : installed can still read the source codes.
: > :
: > : Ken Schaefer wrote:
: > : > Hi,
: > : >
: > : > The answer to this question depends on which version of FPSE you are
: > using.
: > : >
: > : > For FPSE2000 (which ships with IIS5.0), the configuration of FPSE
offers
: > to
: > : > create three local groups (admins, authors and browsers). If you do
not
: > : > choose to create these groups, you can run into problems such as
what
: > you
: > : > are experiencing. You should create these groups, and place the
: > necessary
: > : > users into each group. FPSE2000 uses NTFS permissions to control
access
: > to
: > : > files. Provided you create the groups, and the other users are not
in
: > the
: > : > Authors or Admins group, they won't be able to get access to source
: > code.
: > : >
: > : > For FPSE2002 (which ships with IIS6.0, and can be installed on

: > : > well), you can either use Window accounts or non-Windows accounts to
: > control
: > : > access. Again, ensuring that not everyone has access to source does
rely
: > on
: > : > configuring this properly.
: > : >
: > : > Cheers
: > : > Ken
: > : >
:

> Hi,
>
> Are you sure you are using FPSE2000? If so, the groups in question are NT
> user groups. Use Computer Management MMC Administrative Tool to view local
> user groups.
>
> Cheers
> Ken
>
> "psychogenic" <angryl***@gmail.com> wrote in message
> news:1142438428.765428.320520@i39g2000cwa.googlegroups.com...
> : Hmmm, I don't see anywhere within the admin pages to view who are in
> : the Admin and Author groups. From the Users and Roles section, I see
> : Change anon access settings, and Click here to add or delete accounts,
> : Manage Users, Roles, and Send an invitation, but nothing that I can see
> : which manages groups.
> :
> : Ken Schaefer wrote:
> : > Who is in the Author and Admin groups?
> : >
> : > If you right-click on the website in the IIS Manager, there is an option
> to
> : > "tighten FPSE security" which you can run to fix up NTFS ACLs.
> : >
> : > Just becuase someone has Interdev doesn't mean they should be able to
> view
> : > source-code. Permissions are checked on the server, regardless of the
> type
> : > of client connecting.
> : >
> : > Cheers
> : > Ken
> : >
> : >
> : > "psychogenic" <angryl***@gmail.com> wrote in message
> : > news:1142361043.090261.146810@z34g2000cwc.googlegroups.com...
> : > : Yes, its version 2000 (its on IIS 5.0). As it is set now, the Everyone
> : > : group is currently given Browser role. However, anyone with Interdev
> : > : installed can still read the source codes.
> : > :

"psychogenic" <angryl***@gmail.com> wrote in message
news:1142523622.121038.151230@e56g2000cwe.googlegroups.com...
: Sorry. I am using FPSE 2002. Interestingly enough, if I create a new
: web server with the exact same NTFS permissions and FPSE settings, I am
: prompted for user/password info when I try to connect to it through
: Visual InterDev but I don't with the web sevrer I am having the problem
: with.
:
: Ken Schaefer wrote:
: > Hi,
: >
: > Are you sure you are using FPSE2000? If so, the groups in question are
NT
: > user groups. Use Computer Management MMC Administrative Tool to view
local
: > user groups.
: >
: > Cheers
: > Ken
: >
: > "psychogenic" <angryl***@gmail.com> wrote in message
: > news:1142438428.765428.320520@i39g2000cwa.googlegroups.com...
: > : Hmmm, I don't see anywhere within the admin pages to view who are in
: > : the Admin and Author groups. From the Users and Roles section, I see
: > : Change anon access settings, and Click here to add or delete accounts,
: > : Manage Users, Roles, and Send an invitation, but nothing that I can
see
: > : which manages groups.
: > :
: > : Ken Schaefer wrote:
: > : > Who is in the Author and Admin groups?
: > : >
: > : > If you right-click on the website in the IIS Manager, there is an
option
: > to
: > : > "tighten FPSE security" which you can run to fix up NTFS ACLs.
: > : >
: > : > Just becuase someone has Interdev doesn't mean they should be able
to
: > view
: > : > source-code. Permissions are checked on the server, regardless of
the
: > type
: > : > of client connecting.
: > : >
: > : > Cheers
: > : > Ken
: > : >
: > : >
: > : > "psychogenic" <angryl***@gmail.com> wrote in message
: > : > news:1142361043.090261.146810@z34g2000cwc.googlegroups.com...
: > : > : Yes, its version 2000 (its on IIS 5.0). As it is set now, the
Everyone
: > : > : group is currently given Browser role. However, anyone with
Interdev
: > : > : installed can still read the source codes.
: > : > :
: