Re: How to restrict access to Web directory to ONLY 1 user or group?

From: GVaught (glvaught@hotmail.com)
Date: 12/18/02 

From: "GVaught" <glvaught@hotmail.com>
Date: Tue, 17 Dec 2002 23:24:35 -0700

The way I did it using NT4 and IIS 4 was to set who was allowed access at
the upper most folder for their section . Since my website had to
accommodate NetScape users I had to use Basic Authentication in IIS. I
believe also you must make sure that LogOn locally is set at the IIS server.

I also ended up creating a local group on the PDC for internal users and a
local group on the web server for external clients. I brought the local
group from the PDC into the web server as a global group.

"JP" <eyenok@hotmail.com> wrote in message
news:e$5FFWhpCHA.2396@tk2msftngp13...
> This should be a no-brainer but I can't find anything clear on this
> matter...
>
> I want to restrict certain parts of a Web site (like an admin section)
using
> Integrated Windows Authentication (IWS). So I setup IIS5 to not allow
> anonymous access in the desired directory and use IWS instead. Then I
setup
> a new user/group for that specific Web site for administration purposes.
> Then for that restricted directory, in NTFS, I remove Web user access and
> add the new user/group i've just created. I also leave Administrator and
> SYSTEM with full access.
>
> This is my problem : when I repeat all these steps for a second site, both
> user/groups can access both restricted sections, as long as they provide a
> valid user and password combination, although I specify different a
> user/group in NTFS for each. Obviously, I don't want this!
>
> So how can you set up private directories so that no other user/groups
than
> those specified in NTFS can't login and view the private Web content.
>
> Thanks you for your input!
>
>
>
>

Relevant Pages

  • Re: access only through Local groups
    ... I created a group in the sever where IIS runs and added all required users to that local group. ... I given read permissions to this group to the web site document root folder ... finally I added the domain users to the web site permission list and it stated working to my requirement. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Autentication dialog
    ... You need to add the users you want access into a local group on the IIS box. ... > that the users of my intranet be auth. ... If I turn windows auth. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: MP Error 5436 and access denied
    ... MP machine account is a member of the SQL Connection local group. ... It seems like to be a permission problem regarding IIS guest account. ... I tried to change IIS Guest account's membership: ...
    (microsoft.public.sms.admin)
  • Re: Frontpage and IIS security
    ... Try a FrontPage group for details and help there. ... First, this is a FrontPage issue, not an IIS security issue, so you'll ... local group, you add the users to it, not to another group and then ... add that group to advauthor. ...
    (microsoft.public.inetserver.iis.security)
  • Can not add operator
    ... In the mmc for IIS 5, I try to add a user or group to the operators list ... for a web or ftp site and the user/group doesn't appear in the operators ...
    (microsoft.public.inetserver.iis.security)