Re: restricting access to a page
From: Lisa Cozzens [MSFT] (lcozzens@online.microsoft.com)
Date: 03/07/03
- Previous message: Lisa Cozzens [MSFT]: "RE: Web Folders, Integrated Windows Authentication and Trusted Domains"
- In reply to: Jack Rumbaugh: "Re: restricting access to a page"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: lcozzens@online.microsoft.com (Lisa Cozzens [MSFT]) Date: Fri, 07 Mar 2003 22:04:29 GMT
Hi Jack,
If you've set the NTFS permissions properly, regular domain users won't be
able to access the files, even through a browser. When a request for a file
comes in, IIS reads the NTFS permissions on that file. It denies access if
those permissions do not allow the logged-on user to view the files.
Just make sure you've enabled Integrated Windows Authentication in IIS and
that you've set the NTFS permissions on the restricted files to only allow
access by managers and admins. That should work fine.
Hope this helps,
Lisa
--------------------
> Content-Class: urn:content-classes:message
> From: "Jack Rumbaugh" <jrumbaugh@crstemphousing.com>
> Sender: "Jack Rumbaugh" <jrumbaugh@crstemphousing.com>
> References: <04ad01c2e4da$d8e699f0$3001280a@phx.gbl>
<u79pmvN5CHA.2404@TK2MSFTNGP09.phx.gbl>
> Subject: Re: restricting access to a page
> Date: Fri, 7 Mar 2003 11:20:47 -0800
> Lines: 46
> Message-ID: <00cc01c2e4de$a8334480$a401280a@phx.gbl>
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
> X-Newsreader: Microsoft CDO for Windows 2000
> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> Thread-Index: AcLk3qgzcr6tYb9KQ+qJBpgbxT8vXQ==
> Newsgroups: microsoft.public.inetserver.iis.security
> NNTP-Posting-Host: TK2MSFTNGXA12 10.40.1.164
> Path: cpmsftngxa06!cpmsftngxa08.phx.gbl
> Xref: cpmsftngxa06 microsoft.public.inetserver.iis.security:16112
> X-Tomcat-NG: microsoft.public.inetserver.iis.security
>
> The folder in question has the permissions set as I want
> them asn there is no inheritance from above. The 2 files
> in the folder have matching permissions. The problem is
> accessing them from a browser. They are wide open to
> domain users.
>
> Jack
> >-----Original Message-----
> >Jack,
> >
> > You should be able to disable anonymous access to the
> entire folder
> >under IIS, also while your at it remove the
> IUSR_servername or any
> >grouprs/users that you do not want to have access from
> the folder in
> >question and then under the advanced section of security
> check the box to
> >reset permissions on all child objects. This should
> effectively disallow
> >anyone you do not want to from viewing the documents in
> the folders.
> >
> >E.Cottrell
> >
> >
> >"Jack Rumbaugh" <jrumbaugh@crstemphousing.com> wrote in
> message
> >news:04ad01c2e4da$d8e699f0$3001280a@phx.gbl...
> >> I have a problem that I hope people can point me in the
> >> right direction on. We have an intranet hosted on IIS on
> >> our internal LAN. We want to restrict several reports
> in a
> >> directory to managers and admins only. I can assign the
> >> NTFS permissions on the folder so a casual browser can't
> >> access them but when given a link to the page anyone can
> >> view them. I'd like to have anyone but the designated
> >> people get an access denied message. Do I have to do
> this
> >> with a cookie?
> >>
> >> Jack
> >
> >
> >.
> >
>
-----
Please do not send email directly to this alias. This is an online
account name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers
no rights. You assume all risk for your use.
© 2003 Microsoft Corporation. All rights reserved.
- Previous message: Lisa Cozzens [MSFT]: "RE: Web Folders, Integrated Windows Authentication and Trusted Domains"
- In reply to: Jack Rumbaugh: "Re: restricting access to a page"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
