|
Home > Archive > IIS Server Security > May 2004 > Domain User Accounts
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Domain User Accounts
|
|
| Jason Evans 2004-05-19, 11:41 pm |
| I have iis server running Windows 2000 server and have
several domains. I noticed that users of other domains on
my server can log onto protected domains. Although a user
can not log onto another site using frontpage. Example
User from domain 1 can log onto a non anonymous site at
domain 2
But the user from domain 1 can not front page into domain
2 with that account. How can I make it so that only
people that are suppose to access that site can access it
and not other users on my server
Thanks
| |
| Bernard 2004-05-20, 5:39 am |
| If the site is anonymous access, anyone can access it. To avoid that you
need to configure other authentication method where user need to enter user
credential. You can also restrict site access based on IP address, meaning
if the IP is not in access list or in deny list, user will not be able to
access the site.
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Jason Evans" <anonymous@discussions.microsoft.com> wrote in message
news:f88a01c43e10$198d0e50$a001280a@phx.gbl...
> I have iis server running Windows 2000 server and have
> several domains. I noticed that users of other domains on
> my server can log onto protected domains. Although a user
> can not log onto another site using frontpage. Example
> User from domain 1 can log onto a non anonymous site at
> domain 2
> But the user from domain 1 can not front page into domain
> 2 with that account. How can I make it so that only
> people that are suppose to access that site can access it
> and not other users on my server
>
> Thanks
| |
|
| Ok the site is already not anonymous as soon as you enter
the url it asks for a user/password. My problem is this I
have about 10 domains on my server, and users that have
access to modify certain domains via frontpage well the
users that have access to modify the other domains can
access the site that is not anonymous even though they are
not listed users of that site. Any help greatly apreciated
Thanks
>-----Original Message-----
>If the site is anonymous access, anyone can access it. To
avoid that you
>need to configure other authentication method where user
need to enter user
>credential. You can also restrict site access based on IP
address, meaning
>if the IP is not in access list or in deny list, user
will not be able to
>access the site.
>--
>Regards,
>Bernard Cheah
>http://www.tryiis.com/
>http://support.microsoft.com/
>http://www.msmvps.com/bernard/
>
>
>
>"Jason Evans" <anonymous@discussions.microsoft.com> wrote
in message
>news:f88a01c43e10$198d0e50$a001280a@phx.gbl...
on[vbcol=seagreen]
user[vbcol=seagreen]
domain[vbcol=seagreen]
it[vbcol=seagreen]
>
>
>.
>
| |
| Ken Schaefer 2004-05-20, 11:46 pm |
| Change NTFS permissions. Create groups of users. Only give the appropriate
groups permissions to the web content in each website.
At the moment you seem to be forcing authentication, but you are not denying
anyone access (everyone has access to everything). Instead, force
authentication, and limit the users who can access the content.
Cheers
Ken
<anonymous@discussions.microsoft.com> wrote in message
news:fb9d01c43e78$3a46e9a0$a501280a@phx.gbl...
: Ok the site is already not anonymous as soon as you enter
: the url it asks for a user/password. My problem is this I
: have about 10 domains on my server, and users that have
: access to modify certain domains via frontpage well the
: users that have access to modify the other domains can
: access the site that is not anonymous even though they are
: not listed users of that site. Any help greatly apreciated
:
: Thanks
: >-----Original Message-----
: >If the site is anonymous access, anyone can access it. To
: avoid that you
: >need to configure other authentication method where user
: need to enter user
: >credential. You can also restrict site access based on IP
: address, meaning
: >if the IP is not in access list or in deny list, user
: will not be able to
: >access the site.
: >--
: >Regards,
: >Bernard Cheah
: >http://www.tryiis.com/
: >http://support.microsoft.com/
: >http://www.msmvps.com/bernard/
: >
: >
: >
: >"Jason Evans" <anonymous@discussions.microsoft.com> wrote
: in message
: >news:f88a01c43e10$198d0e50$a001280a@phx.gbl...
: >> I have iis server running Windows 2000 server and have
: >> several domains. I noticed that users of other domains
: on
: >> my server can log onto protected domains. Although a
: user
: >> can not log onto another site using frontpage. Example
: >> User from domain 1 can log onto a non anonymous site at
: >> domain 2
: >> But the user from domain 1 can not front page into
: domain
: >> 2 with that account. How can I make it so that only
: >> people that are suppose to access that site can access
: it
: >> and not other users on my server
: >>
: >> Thanks
: >
: >
: >.
: >
|
|
|
|
|