Is there a way to allow anonymous users to fill out a web-based form on a pu
blicly accessible ASP page which writes to an Access database without enabli
ng "write" access to the IUSR account?

[ Post a follow-up to this message ]

Not directly.

You could have ASP invoke a COM object that sits in COM+ that runs another
identity, but that identity needs "Write" permissions to the Access.mdb
file.

Best solution:
a) put Access.mdb file outside the webroot. There's no real requirement that
the .mdb file be inside the webroot.

Alternate Solution:
a) give IUSR (or whatever) appropriate NTFS rights to the folder. Do not
place anything else into the folder except databases. In IIS Manager remove
"Read" and "Script Only" permissions from that folder. This will stop HTTP
requests from being served from that folder. Write should be unchecked by
default, so HTTP write type requests will also be denied.

Cheers
Ken

"Dan" <anonymous@discussions.microsoft.com> wrote in message
news:8CF3A22F-3AF6-4BAA-A377-896D6C471908@microsoft.com...
: Is there a way to allow anonymous users to fill out a web-based form on a
publicly accessible ASP page which writes to an Access database without
enabling "write" access to the IUSR account?

[ Post a follow-up to this message ]