|
Home > Archive > FrontPage Server Extensions for Windows > May 2004 > Integrated Windows Authentication / Permissions problem.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Integrated Windows Authentication / Permissions problem.
|
|
| Paul W. 2004-05-20, 5:42 pm |
| Hello all,
I have a Windows 2k Server running IIS 5 and FP 2002 extensions. Browser permissions are set for the everyone group to access the web - the default settings (I've also tried the 2000 server extensions as well).
There are many Excel spreadsheets and Word documents serving as templates within this web that the users access via the intranet to open, then save to their local machines. In addition, there are several database results type pages.
The issue I am unable to resolve, is anytime a user tries to open a doc, they receive a pop up dialogue box for a user name and password for authentication. If they fill in the box, it reappears but if they simply click cancel, the doc opens as it should.
Now, if I disable "Integrated Windows Authentication" on the Directory Security Tab located on the proberty page of that web in IIS 5, obviously the authentication pop up goes away for users trying to open docs, but then I am unable to open the web via fr
ontpage at the very least.
I've tried complete reinstallation of IIS and fpse 2000 and 2002, but to no avail. Any helpful advice would be graciously appreciated on this frustrating issue.
Thanks,
Paul W
| |
| someoneelse 2004-05-20, 5:42 pm |
| It's most likely an NTFS issue on the files you are trying to make available
for download.
From what I understand you are trying to make them available to anyone that
visits the site.
Make sure the IUSR account you are running the site as has read access to
the files in question. By default it's
IUSR_yourmachinename.You need to do this by right clicking on the files in
windows explorer and going to the security tab.
Also, on the Directory Security Tab for the site make sure "Enable anonymous
access" is check in addition to "Integrated Windows Authentication".
The account required above for the files, can be found here.
This should allow anyone who visits the site to download the files.
"Paul W." <pwidsten@co.bexar.tx.us> wrote in message
news:86DC6F8D-19E0-41F5-8CBC-00C1F0304163@microsoft.com...
> Hello all,
> I have a Windows 2k Server running IIS 5 and FP 2002 extensions. Browser
permissions are set for the everyone group to access the web - the default
settings (I've also tried the 2000 server extensions as well).
>
> There are many Excel spreadsheets and Word documents serving as templates
within this web that the users access via the intranet to open, then save to
their local machines. In addition, there are several database results type
pages.
>
> The issue I am unable to resolve, is anytime a user tries to open a doc,
they receive a pop up dialogue box for a user name and password for
authentication. If they fill in the box, it reappears but if they simply
click cancel, the doc opens as it should.
>
> Now, if I disable "Integrated Windows Authentication" on the Directory
Security Tab located on the proberty page of that web in IIS 5, obviously
the authentication pop up goes away for users trying to open docs, but then
I am unable to open the web via frontpage at the very least.
>
> I've tried complete reinstallation of IIS and fpse 2000 and 2002, but to
no avail. Any helpful advice would be graciously appreciated on this
frustrating issue.
>
> Thanks,
> Paul W
| |
| Paul W. 2004-05-20, 5:42 pm |
| ....add to my original post, that if I change Permissions in fpse and make Everyone "Authors" the pop up authentication box is removed, but now everyone has write access and that is not acceptable, of course.
- Paul W.
| |
| Paul W. 2004-05-20, 8:37 pm |
| Good advice thank you, however this is generally where the frustration comes from - yes it should allow anyone who browses to view them.
Both "Integrated Windows Authentication" and "Allow anonymous access" are enabled currently (by default as well in fact) and the permissions are correct on the files and folders - yet I still have the problem as described.
Thanks,
- Paul W
| |
| John S. 2004-05-23, 11:33 pm |
| In case you haven't tried this...
IIS Directory Security on this site/virtual site should be set to allow anonymous access in addition to allowing Integrated Windows Authentication.
Your internal users should have "Enable Integrated Windows Authentication" enabled in their IE advanced settings on their desktop computers. I think this will get them into the site with their Windows credentials rather than as anonymous users -- which i
nherit the IUSR_MachineName permissions.
NTFS file system permissions for the IUSR_MachineName account should be set to have read-only access to the folder containing the files.
NTFS file system permissions for the internal users' accounts should be set to have read-only access, or appropriate permissions for the type of acces you want them to have.
| |
| someoneelse 2004-05-24, 11:35 pm |
| Sorry I don't have a "this is it" sort of answer, but I have a suggestion.
You could use the application Filemon to monitor which user is being used to access the files:
http://www.sysinternals.com/ntw2k/source/filemon.shtml
That might help you identify the problem.
"Paul W." <anonymous@discussions.microsoft.com> wrote in message news:C2A7DB4C-D9F3-43D1-A06B-17CA7D66D43F@microsoft.com...
> Good advice thank you, however this is generally where the frustration comes from - yes it should allow anyone who browses to view
them.
>
> Both "Integrated Windows Authentication" and "Allow anonymous access" are enabled currently (by default as well in fact) and the
permissions are correct on the files and folders - yet I still have the problem as described.
>
> Thanks,
> - Paul W
|
|
|
|
|