IIS authentication

Web Server Talk > Web Servers reviews > IIS server support > IIS Server Security > IIS authentication

Last Thread Next Thread Next

IIS authentication

Blake

02-26-04 03:34 PM

OK - I have IIS 5 on a member server.  The files are set at the NTFS level
to 'authenticated users' (RX) and the IIS folder is set to 'basic
authentication' ONLY.  I have SSL required for this folder.  I am trying to
allow only valid AD users to visit this page:

1) can a user whose account is DISABLED view this page?  I thought no, but
today it seems to work
2) in the past an account that was marked 'user must change password at next
logon' could NOT access this page, but now that seems to work too
3) if an account has it's password expire, can that account visit my web
page?

Does anyone have any references on the connection between AD IDs and IIS
authentication?

Thanks, as always
Blake

[ Post a follow-up to this message ]

Re: IIS authentication

Tom Kaminski [MVP]

02-26-04 03:34 PM

"Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message
news:ONbaQiH$DHA.2316@tk2msftngp13.phx.gbl...
> OK - I have IIS 5 on a member server.  The files are set at the NTFS level
> to 'authenticated users' (RX) and the IIS folder is set to 'basic
> authentication' ONLY.  I have SSL required for this folder.  I am trying
to
> allow only valid AD users to visit this page:
>
> 1) can a user whose account is DISABLED view this page?  I thought no, but
> today it seems to work
> 2) in the past an account that was marked 'user must change password at
next
> logon' could NOT access this page, but now that seems to work too
> 3) if an account has it's password expire, can that account visit my web
> page?
>
> Does anyone have any references on the connection between AD IDs and IIS
> authentication?

This explains it ...
http://support.microsoft.com/defaul...6&Product=iis50

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsser...ty/centers/iis/

[ Post a follow-up to this message ]

Re: IIS authentication

Blake

02-26-04 04:34 PM

Excellent!  Thanks, Tom.  Good info on this topic.

Blake

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c1l1pb$arh8@kcweb01.netnews.att.com...
> "Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message
> news:ONbaQiH$DHA.2316@tk2msftngp13.phx.gbl... 
level 
> to 
but 
> next 
>
> This explains it ...
>
http://support.microsoft.com/defaul...6&Product=iis50
>
> --
> Tom Kaminski IIS MVP
> http://www.iistoolshed.com/ - tools, scripts, and utilities for running
IIS
> http://mvp.support.microsoft.com/
> http://www.microsoft.com/windowsser...ty/centers/iis/
>
>
>

[ Post a follow-up to this message ]