-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello.

I would like to password protect access to a specific directory on my IIS
server where the password in not the same as my domain user passwords.  The
server is running on Windows 2000 (not active directory).

So far I have only found ways to use the Windows authentication (same
password as my domain accounts) or anonymous access.

Is there a way to specify an independent username and password for access to
a directory controlled by IIS?

Thanks.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Digital signature guarantees authenticity

iQA/AwUBQcblRt/hBQ7O4WklEQJ0jQCgnnSpuVCEPYPAO/109+IkhbJ3z8QAoKFH
2H+7/eDLwAVBFaEw+lri/n0H
=7CwE
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Howard Hartman" <postmaster@neteast.com> wrote in message
news:ut3tuKq5EHA.3756@TK2MSFTNGP14.phx.gbl...
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello.
>
> I would like to password protect access to a specific directory on my IIS
> server where the password in not the same as my domain user passwords.
The
> server is running on Windows 2000 (not active directory).
>
> So far I have only found ways to use the Windows authentication (same
> password as my domain accounts) or anonymous access.
>
> Is there a way to specify an independent username and password for access
to
> a directory controlled by IIS?

You could create a local account on the IIS server and use that instead.

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for your reply.

I've done that.  I created a local account on the IIS server.  When trying
to login to the web page that is in this directory, The username and
password is not accepted because the password prompt fils in the Windows
domain name.   Since I created a local account rather than a domain account,
login with a domain account is not possible.

How do I set the IIS security to only look at a local account?

Thanks.

Howard

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:uyY8hfq5EHA.4004@tk2msftngp13.phx.gbl...
> "Howard Hartman" <postmaster@neteast.com> wrote in message
> news:ut3tuKq5EHA.3756@TK2MSFTNGP14.phx.gbl... 
> The 
> to 
>
> You could create a local account on the IIS server and use that instead.
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Digital signature guarantees authenticity

iQA/AwUBQcbxMt/ hBQ7O4WklEQIw0QCg4XIIfUxxwMORyTcL4bKA1tI
LBCgAn1SU
tIDOLvbmX6oqQ/sfFdAWLDeF
=T8aW
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Howard Hartman" <postmaster@neteast.com> wrote in message
news:O5ApKnq5EHA.2964@TK2MSFTNGP09.phx.gbl...
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thanks for your reply.
>
> I've done that.  I created a local account on the IIS server.  When trying
> to login to the web page that is in this directory, The username and
> password is not accepted because the password prompt fils in the Windows
> domain name.   Since I created a local account rather than a domain
account,
> login with a domain account is not possible.
>
> How do I set the IIS security to only look at a local account?

First off, switch to Basic Authentication.  if necessary, preface the
username with the local server name as in servername\username.

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks Tom

I've done all these things too.  I have the IIS server set for Basic
Authentication only with no domain specified.  The local account I created
has the proper permissions.

It works if I specify a domain account and password.

Howard

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:u9xdY0q5EHA.3336@TK2MSFTNGP11.phx.gbl...
> "Howard Hartman" <postmaster@neteast.com> wrote in message
> news:O5ApKnq5EHA.2964@TK2MSFTNGP09.phx.gbl... 
> account, 
>
> First off, switch to Basic Authentication.  if necessary, preface the
> username with the local server name as in servername\username.
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Digital signature guarantees authenticity

iQA/AwUBQcb4T9/ hBQ7O4WklEQJ1LgCgshGQzRXLsWYZ9j6486FZ4D+
ipD4AnjdD
aAg9A4CP34hrIM4vvvf5BD84
=06RI
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Howard Hartman" <postmaster@neteast.com> wrote in message
news:#zOeI4q5EHA.1564@TK2MSFTNGP09.phx.gbl...
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thanks Tom
>
> I've done all these things too.  I have the IIS server set for Basic
> Authentication only with no domain specified.  The local account I created
> has the proper permissions.
>
> It works if I specify a domain account and password.

How about specifying the server name as the default domain in the Basic
authentication properties?

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I tried that too.

In theory, if you can't browse to it then it's not a valid entry.   Nothing
I have tried has allowed me to use a local account to create an access list.
I also tried the Apache method of htaccess/htpasswd in the misguided thought
that IIS might recognize that method of authentication.  It doesn't.

Howard

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:OkFLyGr5EHA.3908@TK2MSFTNGP12.phx.gbl...
> "Howard Hartman" <postmaster@neteast.com> wrote in message
> news:#zOeI4q5EHA.1564@TK2MSFTNGP09.phx.gbl... 
>
> How about specifying the server name as the default domain in the Basic
> authentication properties?
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Digital signature guarantees authenticity

iQA/AwUBQccQC9/hBQ7O4WklEQIRWwCcCgVFIWwBTyoBjk8/1j2rzxKYvWYAnjQq
o+JVw0jA/gUHA2V0WTNPP1p4
=I3Lo
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Howard Hartman" <postmaster@neteast.com> wrote in message
news:#S3Buwr5EHA.3616@TK2MSFTNGP11.phx.gbl...
> I tried that too.
>
> In theory, if you can't browse to it then it's not a valid entry.
Nothing
> I have tried has allowed me to use a local account to create an access
list.
> I also tried the Apache method of htaccess/htpasswd in the misguided
thought
> that IIS might recognize that method of authentication.  It doesn't.

I don't understand. Are you saying you can't set NTFS permissions using the
local account?

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tom,

Yes, I can set NTFS permissions on the directory and I can create a local
account that uses those permissions.

What I cannot do is get IIS to authenticate only to the local account.  It
insists on a domain account from a workstation logged into the domain.  I
have not tried it from a workstation not logged into the domain.

I created an access list of domain users that have access to this directory
and it works fine.  What I wanted to do was use non-domain account
authenticationn with a domain independent username and password.

Howard

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:eqkXwOs5EHA.2804@TK2MSFTNGP15.phx.gbl...
> "Howard Hartman" <postmaster@neteast.com> wrote in message
> news:#S3Buwr5EHA.3616@TK2MSFTNGP11.phx.gbl... 
> Nothing 
> list. 
> thought 
>
> I don't understand. Are you saying you can't set NTFS permissions using
> the
> local account?
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Digital signature guarantees authenticity

iQA/AwUBQcci9d/ hBQ7O4WklEQKvKACeOKdY96zmE9CxqgbdAY3AhcY
8m+AAoOlf
culdr/0txk9LBVbnkwfhw0K1
=cP8A
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]