|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Password protect web pageThis seems simple enough, I just can't seem to get it to work. I have IIS
6.0 and was trying to password protect a sub directory. Being unsuccessful there, I moved up to the web root. I have unchecked Enable Anonymous Access, and have only Basic Authentication checked (I am using SSL). At C:\Inetpub\wwwroot I changed the Security to Administrators have Full Control, Support Group has Read and Execute, CREATOR OWNER has Special Permission, SYSTEM has Full Control and WEB1\Users has Read and Execute. When a user goes to our support page, anyone can put in their username and password and access the page. I only want people in my Support Group to be able to access the page. Thanks in advance. Stebe Hi,
IIS will always honor NTFS permissions on the folder where the web content is stored. So in order to solve this problem and make sure that only Support Group has access to the web site you have to remove Users group from the folder where the web content is stored. I hope this helps. -- Show quoteHide quoteMike Microsoft MVP - Windows Security "stebe" <st***@discussions.microsoft.com> wrote in message news:1CFB6F42-E4D7-4689-B45A-D15F09B4E35C@microsoft.com... > This seems simple enough, I just can't seem to get it to work. I have IIS > 6.0 and was trying to password protect a sub directory. Being > unsuccessful > there, I moved up to the web root. I have unchecked Enable Anonymous > Access, > and have only Basic Authentication checked (I am using SSL). At > C:\Inetpub\wwwroot I changed the Security to Administrators have Full > Control, Support Group has Read and Execute, CREATOR OWNER has Special > Permission, SYSTEM has Full Control and WEB1\Users has Read and Execute. > When a user goes to our support page, anyone can put in their username and > password and access the page. I only want people in my Support Group to > be > able to access the page. Thanks in advance. > > Stebe I tried that. When I do, I lose something at a lower level, don't know what.
I get themessage Access denied to 'c:\inetpub\wwwroot\web.config'. The (Users) WEB1\Users would be local users so it shouldn't affect the domain users. Should it? Thanks for the advice. It was worth trying again. Show quoteHide quote "Miha Pihler [MVP]" wrote: > Hi, > > IIS will always honor NTFS permissions on the folder where the web content > is stored. So in order to solve this problem and make sure that only Support > Group has access to the web site you have to remove Users group from the > folder where the web content is stored. > > I hope this helps. > > -- > Mike > Microsoft MVP - Windows Security > > "stebe" <st***@discussions.microsoft.com> wrote in message > news:1CFB6F42-E4D7-4689-B45A-D15F09B4E35C@microsoft.com... > > This seems simple enough, I just can't seem to get it to work. I have IIS > > 6.0 and was trying to password protect a sub directory. Being > > unsuccessful > > there, I moved up to the web root. I have unchecked Enable Anonymous > > Access, > > and have only Basic Authentication checked (I am using SSL). At > > C:\Inetpub\wwwroot I changed the Security to Administrators have Full > > Control, Support Group has Read and Execute, CREATOR OWNER has Special > > Permission, SYSTEM has Full Control and WEB1\Users has Read and Execute. > > When a user goes to our support page, anyone can put in their username and > > password and access the page. I only want people in my Support Group to > > be > > able to access the page. Thanks in advance. > > > > Stebe > > > By default Domain Users are also members of Local Users group. So yes it
will affect all your domain users (and give them access to the web site). -- Show quoteHide quoteMike Microsoft MVP - Windows Security "stebe" <st***@discussions.microsoft.com> wrote in message news:53D010C2-C28B-4606-A3F7-1FC430869C1F@microsoft.com... >I tried that. When I do, I lose something at a lower level, don't know >what. > I get themessage Access denied to 'c:\inetpub\wwwroot\web.config'. The > (Users) WEB1\Users would be local users so it shouldn't affect the domain > users. Should it? > Thanks for the advice. It was worth trying again. > > "Miha Pihler [MVP]" wrote: > >> Hi, >> >> IIS will always honor NTFS permissions on the folder where the web >> content >> is stored. So in order to solve this problem and make sure that only >> Support >> Group has access to the web site you have to remove Users group from the >> folder where the web content is stored. >> >> I hope this helps. >> >> -- >> Mike >> Microsoft MVP - Windows Security >> >> "stebe" <st***@discussions.microsoft.com> wrote in message >> news:1CFB6F42-E4D7-4689-B45A-D15F09B4E35C@microsoft.com... >> > This seems simple enough, I just can't seem to get it to work. I have >> > IIS >> > 6.0 and was trying to password protect a sub directory. Being >> > unsuccessful >> > there, I moved up to the web root. I have unchecked Enable Anonymous >> > Access, >> > and have only Basic Authentication checked (I am using SSL). At >> > C:\Inetpub\wwwroot I changed the Security to Administrators have Full >> > Control, Support Group has Read and Execute, CREATOR OWNER has Special >> > Permission, SYSTEM has Full Control and WEB1\Users has Read and >> > Execute. >> > When a user goes to our support page, anyone can put in their username >> > and >> > password and access the page. I only want people in my Support Group >> > to >> > be >> > able to access the page. Thanks in advance. >> > >> > Stebe >> >> >> 
Other interesting topics
require client certificates SSL
SSL Certificates Urgent help needed! Multiple virtual SSL sites on 1 IIS6 server .exe file downloads return 404 in IIS6.0 SSL or SSL VPN IIS Admin Security Descriptors Problem (Event ID 10021) IIS to File Server IWA with multiple websites on one server Windows authentication - Display page |
|||||||||||||||||||||||
