|
Home > Archive > IIS Server Security > January 2006 > Granting Access to intranet on IIS 5
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Granting Access to intranet on IIS 5
|
|
| Davey 2006-01-13, 10:26 pm |
| I have an Intranet running on Windows 2000 IIS 5 with FP2002 server
extensions installed. What I need to do is restrict access to this intranet
to only certain user accounts on our domain, not all domain users !
How can I best acheive this ??
I have looked at setting up user accounts and roles within the server
extensions admin, but when a user who does not have an server extension
account trys to access the site it prompts for user name and password. If
these details are typed correctly access is granted (i.e. if the user has a
domain account they can gain access)..
Any advice would be appreciated.
Many Thanks
Davey
| |
| Miha Pihler [MVP] 2006-01-13, 10:26 pm |
| Hi,
One way (usually the best way) is to use NTFS permissions on IIS server.
Change these NTFS permissions on folder where your intranet content is to
only allow certain users read permissions (or write if they need them). Note
that you have to e.g. remove "Authenticated Users" from the list since all
domain users are Authenticated Users.
IIS will always honor NTFS permissions.
--
Mike
Microsoft MVP - Windows Security
"Davey" <david.wilkinson@spooner-vicars.com> wrote in message
news:%23wXR7vcFGHA.1424@TK2MSFTNGP12.phx.gbl...
>I have an Intranet running on Windows 2000 IIS 5 with FP2002 server
> extensions installed. What I need to do is restrict access to this
> intranet
> to only certain user accounts on our domain, not all domain users !
>
> How can I best acheive this ??
>
> I have looked at setting up user accounts and roles within the server
> extensions admin, but when a user who does not have an server extension
> account trys to access the site it prompts for user name and password. If
> these details are typed correctly access is granted (i.e. if the user has
> a
> domain account they can gain access)..
>
> Any advice would be appreciated.
> Many Thanks
> Davey
>
>
| |
| Jeff Cochran 2006-01-13, 10:26 pm |
| On Tue, 10 Jan 2006 09:55:23 -0000, "Davey"
<david.wilkinson@spooner-vicars.com> wrote:
>I have an Intranet running on Windows 2000 IIS 5 with FP2002 server
>extensions installed. What I need to do is restrict access to this intranet
>to only certain user accounts on our domain, not all domain users !
>
>How can I best acheive this ??
>
>I have looked at setting up user accounts and roles within the server
>extensions admin, but when a user who does not have an server extension
>account trys to access the site it prompts for user name and password. If
>these details are typed correctly access is granted (i.e. if the user has a
>domain account they can gain access)..
Set NTFS permissions to keep them out.
Jeff
|
|
|
|
|