IIS Server Security - strange problem with my IIS 6.0

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > July 2006 > strange problem with my IIS 6.0





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author strange problem with my IIS 6.0
גדי

2006-07-20, 7:23 pm

Hello all,

I have two strange problem with my IIS 6.0.

2003 sp1 standart server with IIS 6.0
that his Home Directory connected to
a UNC Path \\Servername\ShareName with
credential of Domain user (in the same domain as the server) that have a
default user permission on the share directory
(read, read&execute, list folder contents).

The Problems:
1. When you open a text file for writing (in the site code) the Domain user
that maps the IIS home directory has to have write permission on the text File
despite of the fact that the user (other domain user) that open the site has
a write permission.

2. Users from all over the web entering freely
sites that dosn;t allow anonymous access
when "Integrated Windows Authentication" is
configured.
This problem accured because the IIS strangly use the Domain User that maps
his home directory credentials to authenticate those sites.

What can i do to prevent this IIS behavior
and why it happens??

Thank you very much

Gadi




--
Gadi
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com