IIS Server Security - Basic Authentication for only one special user


Author Basic Authentication for only one special user
Gerhard Rauter

2006-07-06, 9:30 am

Hi,

I have a Win2003 Server with IIS 6 in an intranet environment and I want to
use basic authentication (that works fine) and only one special local user
to be able to log in.

Can anybody describe to me how to do that?

Thanks a lot

Gerhard


Chris Crowe [MVP 1997 -> 2006]

2006-07-07, 1:20 am

Basic authentication will, by the IIS default, authenticate you against a
local user store or domain store.

The only way to do what you want is to control access via NTFS permissions
on the file system.

Removing rights for users who you do not want to have access. Remember that
DENY rights DENY a user even if explicit ALLOW rights exist.

You could also look at a product called IIS Password...

IIS password protection of files and folders has always been difficult.
IISPassword brings the ease and power of Apache's htaccess to Microsoft IIS.
No longer is there a need for system user accounts and complex access
permissions for maintaining a secure, password protected web site.

IISPassword uses Basic HTTP Authentication for password protecting web sites
on IIS, just like htaccess works on Apache. That makes your password
protected Apache web site compatible with IIS, and vice versa.

A powerful and intuitive interface makes it possible to password protect a
web site in just moments. More advanced settings provide options such as
user group management and protection of certain file types.

This is a free product and is very nicely implemented and probably will do
exactly what you need.


http://www.troxo.com/products/iispassword/


--


Chris Crowe [ IIS MVP - 1997 - 2006 ]
http://blog.crowe.co.nz





Ken Schaefer

2006-07-07, 1:20 am

Hi,

Chris is correct. Authentication is the process of identifying the user.
What you want to do is deny the user access to things based on their
identity: that is authorization.

So, there are two ways to do this:
a) if you just want to prevent access to files, use NTFS permissions. Give
that one user access to the files, and deny access to other users

b) if you want to prevent the ability to actually "logon", then you can
change the local security policy of the server (Start -> Run -> Secpol.msc)
and change which accounts are allowed to logon to the server.

Cheers
Ken
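
The NTFS approach from the replies above, as an added example that is not part of the original thread: it restricts a content folder to one local account by removing Allow entries rather than adding Deny entries, because a Deny on a group such as Users would also lock out the permitted account if it is a member. The folder path and the account name `webuser` are assumptions; run it from an elevated PowerShell prompt.

```powershell
# Assumed placeholders: adjust to the real content folder and local account.
$Path    = 'D:\Inetpub\intranet'          # hypothetical IIS content directory
$Allowed = "$env:COMPUTERNAME\webuser"    # hypothetical local account allowed to log in

$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$prop    = [System.Security.AccessControl.PropagationFlags]::None
$allow   = [System.Security.AccessControl.AccessControlType]::Allow

function New-AllowRule([string]$Identity, [string]$Rights) {
    # Allow entry that applies to the folder, its subfolders and its files.
    $fsRights = [System.Security.AccessControl.FileSystemRights]$Rights
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        $Identity, $fsRights, $inherit, $prop, $allow)
}

$acl = Get-Acl -Path $Path

# Stop inheriting from the parent and discard the inherited entries,
# so broad grants (Users, Everyone, the anonymous account) no longer apply.
$acl.SetAccessRuleProtection($true, $false)

# Drop every explicit entry as well; the ACL is rebuilt from scratch below.
foreach ($rule in @($acl.Access | Where-Object { -not $_.IsInherited })) {
    [void]$acl.RemoveAccessRule($rule)
}

# Keep the machine manageable, then grant read access to the single account.
$acl.AddAccessRule((New-AllowRule 'BUILTIN\Administrators' 'FullControl'))
$acl.AddAccessRule((New-AllowRule 'NT AUTHORITY\SYSTEM'    'FullControl'))
$acl.AddAccessRule((New-AllowRule $Allowed                 'ReadAndExecute'))

Set-Acl -Path $Path -AclObject $acl

# Check the result: only the three entries above should be listed,
# none of them inherited and none of type Deny.
(Get-Acl -Path $Path).Access |
    Select-Object IdentityReference, AccessControlType, FileSystemRights, IsInherited |
    Format-Table -AutoSize
```

Any other account can still pass Basic authentication with valid credentials, but the file system then refuses the read, which is the authorization step described above.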






Copyright 2003 - 2008 webservertalk.com