IIS Server Security - Site using Basic authentication and SSL requiring Admin rights

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > November 2004 > Site using Basic authentication and SSL requiring Admin rights





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Site using Basic authentication and SSL requiring Admin rights
Gearhead

2004-11-22, 5:50 pm

I've setup a website using Basic Authentication and SSL in IIS 5. The only
people that can be authenticated are people with administrative rights,
despite the fact that the file security on the wwwroot folder allows Everyone
read access. Does anyone know why members of the User group can't
authenticate?
Bernard

2004-11-23, 2:52 am

Can't authenticate ? error msgs ? status code ? 401. ??

Try enable logon event auditing.

--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/



"Gearhead" <Gearhead@discussions.microsoft.com> wrote in message
news:DD7745AF-F54D-4951-A070-E1B7F973049D@microsoft.com...
> I've setup a website using Basic Authentication and SSL in IIS 5. The only
> people that can be authenticated are people with administrative rights,
> despite the fact that the file security on the wwwroot folder allows
Everyone
> read access. Does anyone know why members of the User group can't
> authenticate?


David Wang [Msft]

2004-11-29, 7:51 am

Are those users allowed to LOGON to the server?? If they can't, they will
fail no matter what authentication or file ACL you choose.

Access is controlled by configuration and policy. FileSystem ACL dictates
the user accounts required, Authentication Protocol controls the user
accounts that can access, and Policy controls whether those user accounts
function and in what manner.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Gearhead" <Gearhead@discussions.microsoft.com> wrote in message
news:DD7745AF-F54D-4951-A070-E1B7F973049D@microsoft.com...
I've setup a website using Basic Authentication and SSL in IIS 5. The only
people that can be authenticated are people with administrative rights,
despite the fact that the file security on the wwwroot folder allows
Everyone
read access. Does anyone know why members of the User group can't
authenticate?


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com