IIS Server Security - Re: Problem with securing of Windows 2000 SP4 IIS with AD Windows

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > March 2005 > Re: Problem with securing of Windows 2000 SP4 IIS with AD Windows





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: Problem with securing of Windows 2000 SP4 IIS with AD Windows
David Wang [Msft]

2005-03-14, 2:48 am

If you enable authentication (like Integrated) and disable anonymous, then
things should automatically work. The only time you'll get the login dialog
is if the NTFS ACL on the resource actually denies access to the remote
user -- meaning it is your response to ensure that those permissions are set
up correctly on the file.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Guardian-M2005" <GuardianM2005@discussions.microsoft.com> wrote in message
news:E2805ECA-BC9C-49B4-A8D1-DE136BDD1A12@microsoft.com...
Hi

I'm sorry - tried that. This does not help as all that adding these users is
give unrestricted access to everyone to the pages. I need to have the site
to be accessible only to select groups.

Is there any way to do this without the user being prompted to login?

"Ken Schaefer" wrote:

> Hi,
>
> If allowed access includes "Allow Anonymous Authentication", then which
> users/groups you add to the NTFS folder permissions is irrelevant. The
> accounts you need to add are either IUSR_machinename (for HTML, ASP
pages),
> IWAM_machinename (for global.asa etc) and Machine\ASPNET (for ASP.NET
pages)
>
> Cheers
> Ken
>
> "Guardian-M2005" <Guardian-M2005@discussions.microsoft.com> wrote in
message
> news:77CBD13D-E0EA-4F83-B97D-972797A66278@microsoft.com...
> :I have a question regarding the securing of Windows 2000 SP4 IIS with AD
> : Windows 2003. The symptoms are that the security prompts users to log in
> on
> : opening an intranet page. I reset the security setting on the folder and
> the
> : prompting stops. However, after a reboot of the server or restart of the
> : services the prompting begins again for some (not all) groups added to
the
> : setup.
> :
> : The setup includes Windows 2000 server IIS running on a Windows 2003
> Active
> : Directory network. Groups from multiple OU are added to the security of
> the
> : folder containing the intranet pages. IIS authentication is set to
> anonymous.
> :
> : Upon a reset of permissions the permissions function OK, but after
reboot
> or
> : restart of IIS services the intranet page prompts for some users to log
> in.
> :
> : By changing all security settings to everyone or authorised user the
page
> : accessible, but that is not an option as it gives to much access.
> :
> : How can I resolve this and still keep security?
> :
>
>
>



Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com