Re: Minimum NTFS Permissions - There's such a thing???
From: Ademar (ademar_at_isqsolutions.com)
Date: 05/12/03
- Next message: CQ: "Re: Security certificate"
- Previous message: Joseph Steinberg: "Re: Securing OWA with SSL."
- In reply to: BB: "Re: Minimum NTFS Permissions - There's such a thing???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 12 May 2003 09:07:46 -0700
Thanks for your quick answer.
Ademar
"BB" <qbernard@hotmail.com> wrote in message news:<#xgzknDGDHA.388@TK2MSFTNGP10.phx.gbl>...
> This is from Terry..
>
> ---
> Terry Harney [MSFT]
>
> This posting is provided ?AS IS?with no warranties, and confers no rights.
> You assume all risk for your use. ?2001 Microsoft Corporation. All rights
> reserved.
>
> ****************************************************************************
> **********************************
> HOW TO: Set Minimum NTFS Permissions Required for IIS 5.0 to Work WGID:198
> ID: 271071.KB.EN-US CREATED: 2000-08-08 MODIFIED: 2003-03-06
>
>
>
> ============================================================================
> ===
> ----------------------------------------------------------------------------
> ---
> The information in this article applies to:
>
> - Microsoft Internet Information Services 5.0 (Version: 5.0)
>
> ----------------------------------------------------------------------------
> ---
>
>
>
> - #2: SUMMARY
> - #3: Give Ownership and
> Permission to Administrators and System
> - #4: Disable Inheritance
> in System Directories
> - #5: NTFS
> Permissions
> - #6: Policies
> - #7: Grant Permissions
> in the Registry
> - #7: Registry
> - #8: Grant Rights in the
> Local Security Policy
> - #9: Policies
> - #10: Troubleshoot
> - #11: Services
> Required
> - #12: REFERENCES
>
>
> SUMMARY
> =======
>
> This step-by-step article describes how to set the minimum
> permissions that you must have to run Internet Information Services
> (IIS) 5.0
> in a secure and protected environment. This document does not, unless
> otherwise
> noted, outline the security that is necessary to run additional
> Microsoft or
> third-party applications in an IIS 5.0 environment.
>
> Note This article only applies to IIS 5.0. It does not apply to any
> other versions of IIS.
>
> For
> additional information about the necessary permissions for IIS 4.0,
> click the
> following article number to view the article in the Microsoft Knowledge
> Base:
>
> KBLink:187506.KB.EN-US: List of NTFS Permissions Required for IIS Site
> to Work
> Testing for this document included the following functional
> tests:
>
> - Hypertext documents (HTML)
> - Active Server Pages (ASP)
> - FrontPage Server Extensions (connecting, editing, and saving), if
> FPSE is enabled while you use the Lockdown Tool
> - Secure Socket Layers (SSL) Connections
>
>
> Because Microsoft does not recommend that you run IIS on domain
> controllers, these permissions and rights were not tested. Microsoft
> also does
> not recommend that you run IIS in any of the following environments:
>
> - Microsoft Exchange 5.5 or Microsoft Exchange 2000 Outlook Web Access
> - Microsoft Small Business Server 2000
> - Microsoft SharePoint Portal or Team Services
> - Microsoft Commerce Server 2000 or Microsoft Commerce Server 2002
> - Microsoft BizTalk Server 2000 or Microsoft BizTalk Server 2002
> - Microsoft Content Management Server 2000 or Microsoft Content
> Management Server 2002
> - Microsoft Application Center 2000
>
>
> Before you apply the permissions in this article, Microsoft
> recommends that you run the most current version of the IIS Lockdown
> Tool. For
> more information about this tool, visit the following Microsoft Web
> site:
>
> http://www.microsoft.com/technet/security/tools/tools/locktool.asp
>
> The following programs and services are installed when you use the
> permissions that are outlined in this article:
>
> - Index Services
> - Terminal Services
> - Script Debugger
> - IIS
>
> - Common Files
> - Documentation
> - FrontPage Server Extensions 2000
> - Internet Services Manager (HTML)
> - WWW
> - FTP
>
>
> -----------------------------------------------------------
>
> To assign permissions to the system:
>
> 1. Open Windows Explorer. To do this, click "Start", click "Programs",
> and then click "Windows Explorer".
> 2. Expand "My Computer".
> 3. Right-click the system drive (this is typically drive C), and then
> click "Properties".
> 4. Click the "Security" tab, and then click "Advanced" to open the
> "Access Control Settings for Local Disk" dialog box.
> 5. Click the "Owner" tab, click to select the
> "Replace Owner on Sub containers and Objects" check box, and
> then click "Apply".
>
> If you receive the following error
> message, click "Continue":
>
> An error has occurred applying security information to
> %systemroot%:\Pagefile.sys
> 6. If you receive the following error message, click
> "Yes":
>
> You do not have permission to read the contents of directory
> %systemroot%:\System Volume Information - Do you want to replace the
> directory permission - All permission will be replaced granting you
> Full Control
> 7. Click "OK" to close the dialog box.
> 8. Click"Add".
> 9. Add the following users, and then grant them the Full
> Control user right:
>
> - Administrator
> - System
> - Creator Owner
> 10. After you have added these user rights, click "Advanced", click to
> select the "Reset permission on all child objects and enable
> propagation of inheritable permissions" check box, and then click
> "Apply".
> 11. If you receive the following error message, click
> "Continue":
>
> An error has occurred applying security information to
> %systemroot%:\Pagefile.sys
> 12. After you have reset user rights, click "OK".
> 13. Click the "Everyone" group, click "Remove", and then click "OK".
> 14. Open the properties for the %systemroot%\Program
> Files\Common Files folder, and then click the "Security" tab.
> Add the account that is used for anonymous access (by default, this is
> the
> IUSR_<MachineName> account) and the Users group, and then make sure that
> only the following are selected:
>
> - "Read & Execute"
> - " List Folder Contents"
> - "Read"
> 15. Open the properties for the root directory that holds your
> Web content (by default, this is the %systemroot%\Inetpub\Wwwroot
> folder).
> Click the "Security" tab, add the IUSR_<MachineName>
> account and the Users group, and then make sure that only the following
> are
> selected:
>
> - "Read & Execute"
> - " List Folder Contents"
> - "Read"
> 16. If you want to grant the Write user right for Inetpub\FTProot or
> the directory path for your FTP site or sites, repeat step 15. Note
> Microsoft does not recommend that you give the Write user right to the
> anonymous account in any directories that the FTP service uses. This
> can cause unnecessary data to be uploaded to your FTP site.
>
>
> -----------------------------------------
> 1. In the %systemroot%\winnt\System32 folder, select all
> folders except the following:
>
> - Inetsrv
> - Certsrv (if present)
> - Com
> 2. Right-click the remaining folders, click "Properties", and then
> click the "Security" tab.
> 3. Click to clear the "Allow inheritable permissions" check box, click
> "Copy", and then click "OK".
> 4. In the %systemroot%\winnt folder, select all folders except
> the following:
>
> - Assembly (if present)
> - Downloaded Program Files
> - Help
> - IIS Temporary Compressed Files
> - Microsoft.NET (if present)
> - Offline Web Pages
> - System32
> - Tasks
> - Temp
> - Web
> 5. Right-click the remaining folders, click "Properties", and then
> click the "Security" tab.
> 6. Click to clear the "Allow inheritable permissions" check box, click
> "Copy", and then click "OK".
> 7. Apply permissions to the following:
>
> a. Open the properties for the %systemroot%\Winnt folder,
> click the "Security" tab, add the
> "IUSR_<MachineName>" and
> "IWAM_<MachineName>" accounts and the
> "Users" group, and then make sure that only the following are
> selected:
>
> - "Read & Execute"
> - " List Folder Contents"
> - "Read"
> b. Open the properties for the %systemroot%\Winnt\Temp
> folder, select the "IUSR_<MachineName>" account (this
> account is already present because it inherits from the Winnt
> folder), and then
> click to select the "Modify" check box. Repeat this step for the
> "IWAM_<MachineName>" account and the
> "Users" group.
> c. If FrontPage Server Extension Clients such as
> FrontPage or Microsoft Visual InterDev are being used, open the
> properties for
> the %systemroot%\Inetpub\Wwwroot folder, select the "Authenticated
> Users" group, select the following, and then click "OK":
>
>
> - "Modify"
> - "Read & Execute"
> - "List Folder Contents"
> - "Read"
> - "Write"
>
>
> ----------------
>
> The following table lists the permissions that will be applied
> when you follow the steps in the section. This table is for
> reference only.
>
> To apply the permissions in the following table:
>
> 1. Open Windows Explorer. To do this, click "Start", click "Programs",
> click "Accessories", and then click "Windows Explorer".
> 2. Expand "My Computer".
> 3. Right-click "%systemroot%", and then click "Properties".
> 4. Click the "Security" tab, and then click "Advanced".
> 5. Double-click "Permission", and then select the appropriate setting
> from the "Apply Onto" list.
>
>
> Note In the ?Apply To? column, the term Default refers to ?This
> folder, subfolders, and files.?
>
>
> +====================================================+======================
> =====+====================+=============================+
> | Directory | Users\Groups
> | Permissions | Apply To |
> +====================================================+======================
> =====+====================+=============================+
> | %systemroot%\ (c:\winnt) | Administrator
> | Full
> Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | Users
> | Read, Execute | Default |
> +====================================================+======================
> =====+====================+=============================+
> | %systemroot%\system32 | Administrators
> | Full
> Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | Users
> | Read, Execute | Default |
> +====================================================+======================
> =====+====================+=============================+
> |
> %systemroot%\system32\inetsrv | Administrators
> | Full
> Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | Users
> | Read, Execute | Default |
> +====================================================+======================
> =====+====================+=============================+
> | Inetpub\adminscripts | Administrators
> | Full
> Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | Inetpub\urlscan (if present)
> | Administrators | Full Control |
> Default |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> |
> %systemroot%\system32\inetsrv\metaback | Administrators
> | Full
> Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | Default |
> +====================================================+======================
> =====+====================+=============================+
> | %systemroot%\IIS Temporary Compressed
> Files | Administrators | Full Control | Default
> |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | | IWAM_<MachineName>
> | Full
> Control | This folder |
> +====================================================+======================
> =====+====================+=============================+
> | | Network
> | Full Control | This
> folder |
> +====================================================+======================
> =====+====================+=============================+
> | | Service
> | Full Control | This folder
> |
> +====================================================+======================
> =====+====================+=============================+
> | | Creator Owner
> | Full Control | This
> folder and files |
> +====================================================+======================
> =====+====================+=============================+
> |
> %systemroot%\system32\LogFiles | Administrator
> | Full
> Control | This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | | IUSR_<MachineName>
> | Full
> Control | This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | Users
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | %systemroot%\help\iishelp\common | Administrators
> | Full
> Control | This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | | IWAM_<Machinename>
> | Read,
> Execute| This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | Network
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | | Service
> | | This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | Users
> | Read, Execute | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | Inetpub\wwwroot (or content
> directories) | Administrators | Full Control |
> This folder
> and files |
> +====================================================+======================
> =====+====================+=============================+
> | | System
> | Full Control | This folder and
> files |
> +====================================================+======================
> =====+====================+=============================+
> | | IWAM_<MachineName>
> | Read,
> Execute| This folder and files |
> +====================================================+======================
> =====+====================+=============================+
> | | Service
> | Read, Execute | This folder
> and files |
> +====================================================+======================
> =====+====================+=============================+
> | | Network
> | Read, Execute | This folder
> and files |
> +====================================================+======================
> =====+====================+=============================+
> | Optional**: | Users
> | Read, Execute | This
> folder and files |
> +====================================================+======================
> =====+====================+=============================+
>
> ** If you are using FrontPage Server Extensions, the
> Authenticated Users or the Users group must have the Change user right
> to
> create, rename, write, or provide the functionality that a developer
> might need
> from a FrontPage type of client, such as Visual InterDev 6.0 or
> FrontPage 2002.
>
>
> ---------------------------------
> 1. Click "Start", click "Run", type "regedt32" (without the quotation
> marks), and then click "OK". Do not use Regedit.exe because it does not
> permit you to change permissions in Windows 2000.
> 2. In Registry Editor, locate and select "HKEY_LOCAL_MACHINE".
> 3. Expand "System", expand "CurrentControlSet", and then expand
> "Services".
> 4. Select the "IISADMIN" key, click "Security" (or press ALT+S), and
> then select "Permissions" (or press P).
> 5. Click to clear the "Allow inheritable permissions
> from parent to propagate to this object" check box, click
> "Copy", and then remove all users except:
>
> - Administrators (Allow Read and Full Control)
> - System (Allow Read and Full Control)
> 6. Click "OK".
> 7. Perform these steps again for the "MSFTPSVC" key.
> 8. Select the "W3SVC" key, click "Security", and then click
> "Permissions".
> 9. Click to clear the "Allow inheritable permissions
> from parent to propagate to this object" check box, and then remove all
> entries except:
>
> - Administrators (Allow Read and Full Control)
> - System (Allow Read and Full Control)
> - Network (Read)
> - Service (Read)
> - IWAM_<MachineName> (Read)
> 10. Click "OK"
>
>
> --------
>
> The following table lists the permissions that will be applied
> when you follow the steps in the section. This table is for reference
> only.
>
> Note The acronym HKLM stands for HKEY_LOCAL_MACHINE.
>
>
> +=================================================+=========================
> =+=====================+
> | Location | Users\Groups
> | Permissions |
> +=================================================+=========================
> =+=====================+
> | HKLM\System\CurrentControlSet\Service\IISAdmin | Administrators
> | Full
> Control |
> +=================================================+=========================
> =+=====================+
> | | System
> | Full Control |
> +=================================================+=========================
> =+=====================+
> | HKLM\System\CurrentControlSet\Service\MsFtpSvc | Administrators
> | Full
> Control |
> +=================================================+=========================
> =+=====================+
> | | System
> | Full Control |
> +=================================================+=========================
> =+=====================+
> | HKLM\System\CurrentControlSet\Service\w3svc | Administrators
> | Full
> Control |
> +=================================================+=========================
> =+=====================+
> | | System
> | Full Control |
> +=================================================+=========================
> =+=====================+
> | | IWAM_<MachineName>
> | Read |
> +=================================================+=========================
> =+=====================+
>
>
> -----------------------------------------
> 1. Click "Start", click "Settings", and then click "Control Panel".
> 2. Double-click "Administrative Tools", and then double-click "Local
> Security Policy".
> 3. In the "Local Security Settings" dialog box, expand "Local
> Policies", and then click "User Rights Assignment".
> 4. Modify the appropriate policy:
>
> a. Double-click the policy.
> b. Select and then click "Remove" for any
> user who is not listed in the table.
> c. Add any user who is not listed. To do this, click
> "Add", and then select the user in the "Select Users or
> Groups" dialog box.
>
>
> Note that because a domain controller policy overrides the local
> policy, you must make sure that Effective Policy Setting matchesLocal
> Policy Setting.
>
>
> The following table lists the permissions that will be
> applied when you follow the steps in the section.
>
>
> --------
>
>
>
> +==============================================+============================
> ==========+
> | Policy | Users
> |
> +==============================================+============================
> ==========+
> | Log on Locally | Administrators
> |
> +==============================================+============================
> ==========+
> | | IUSR_<MachineName>
> (Anonymous) |
> +==============================================+============================
> ==========+
> | Access this computer from the
> Network | Administrators |
> +==============================================+============================
> ==========+
> | | ASPNet (.NET Framework)
> |
> +==============================================+============================
> ==========+
> | | IUSR_<MachineName>
> (Anonymous) |
> +==============================================+============================
> ==========+
> | | IWAM_<MachineName>
> |
> +==============================================+============================
> ==========+
> | | Users
> |
> +==============================================+============================
> ==========+
> | Log on as a Batch Job | ASPNet
> |
> +==============================================+============================
> ==========+
> | | Network
> |
> +==============================================+============================
> ==========+
> | | IUSR_<MachineName>
> |
> +==============================================+============================
> ==========+
> | | IWAM_<MachineName>
> |
> +==============================================+============================
> ==========+
> | | Service
> |
> +==============================================+============================
> ==========+
> | Logon as a Service | ASPNet
> |
> +==============================================+============================
> ==========+
> | | Network
> |
> +==============================================+============================
> ==========+
> | Bypass Transverse Checking | Administrators
> |
> +==============================================+============================
> ==========+
> | | IUSR_<MachineName>
> (Anonymous) |
> +==============================================+============================
> ==========+
> | | Users (Basic, Integrated,
> Digest) |
> +==============================================+============================
> ==========+
> | | IWAM_<MachineName>
> |
> +==============================================+============================
> ==========+
>
>
> -----------------
> For
> additional information about the services that you need for IIS 4.0,
> click the
> following article number to view the article in the Microsoft Knowledge
> Base:
>
> KBLink:189271.KB.EN-US: List of Services Needed to Run a Secure IIS
> Computer
> For additional information about the
> services that you need for IIS 5.0, click the following article number
> to view
> the article in the Microsoft Knowledge Base:
>
> KBLink:810866.KB.EN-US: Services Required to Run a Secure IIS Server on
> Windows 2000
>
>
> REFERENCES
> ==========
> 12
> For
> additional information about how to restore default NTFS permissions for
> Windows 2000, click the following article number to view the article in
> the
> Microsoft Knowledge Base:
>
> KBLink:266118.KB.EN-US: How to Restore the Default NTFS Permissions for
> Windows 2000
>
>
> QUERY WORDS
> ===========
>
> iis 5 NTFS permission permissions security internet
> information services lockdown policy template
>
>
>
>
>
> ============================================================================
> ===
>
>
>
>
>
>
>
>
>
>
>
>
> ****************************************************************************
> ***********************************
> ****************************************************************************
> ***********************************
>
> List of NTFS Permissions Required for IIS Site to Work WGID:198
> ID: 187506.KB.EN-US CREATED: 1998-06-10 MODIFIED: 2003-03-06
>
>
>
> ============================================================================
> ===
> ----------------------------------------------------------------------------
> ---
> The information in this article applies to:
>
> - Microsoft Internet Information Server 4.0 (Version: 4.0)
>
> ----------------------------------------------------------------------------
> ---
>
> SUMMARY
> =======
>
> This article lists the Microsoft Windows NT File System (NTFS) access
> permissions that you must have for an Internet Information Server (IIS) Web
> site, an Internet Information Services (IIS) Web site, or a File Transfer
> Protocol (FTP) site to work. This article applies only to IIS 4.0.
>
>
> For additional information about IIS 5.0, click the following article
> number to view the article in the Microsoft Knowledge Base:
>
>
> KBLink:271071.KB.EN-US: Minimum NTFS Permissions Required for IIS 5.0
> to Work
> Note When you install IIS, it creates the correct NTFS access permissions
> for the default Web site and for the default FTP site for the anonymous
> user account (IUSR_Computer_Name) and, if applicable, for the application
> owner user account (IWAM_Computer_Name). If you try to gain access to a Web
> page that you do not have access permissions for, you may receive the
> following error message:
>
> HTTP Error 401 401.3 Unauthorized: Unauthorized due to ACL on resource.
>
> MORE INFORMATION
> ================
>
>
> To properly access and manage IIS, the local System account and local
> Administrators group need FULL CONTROL permissions to all drives on the
> computer. These permissions can be added from a command prompt. Type the
> following commands on each NTFS drive:
>
>
>
> cd \
> cacls * /T /E /C /P System:F Administrators:F
>
>
> NOTE: Modifying permissions may take several minutes per drive, depending
> on the amount of data on that drive. If the drive has no files, you receive
> the following error message:
>
>
>
> The System cannot find the file specified.
>
>
>
> To configure the minimum required NTFS permissions for users who access
> IIS, grant the following directory permissions to the anonymous Internet
> user account (by default, this is the IUSR_computer_name account) and any
> other accounts or groups that need access to the Web server:
>
>
>
>
> Directory Permissions
> ------------------------------------------------
> Content READ (RX)
>
> Winnt READ (RX)
>
> Winnt\System32 READ (RX)
>
> Winnt\System32\Inetsrv READ (RX)
>
> Program Files\Common Files READ (RX)
> (and all subdirectories)
>
>
> NOTE: In IIS 3.0, Active Server Pages is an add-on product and is located
> in its own folder. For this reason, IIS 3.0 installations that are running
> ASP require READ (RX) permissions set on the Winnt\System32\Inetsrv\Asp
> folder.
>
>
> Content is defined as anything (such as Web pages, images, and files) that
> someone can use the Web browser to access. By default, the content folder
> for the World Wide Web Publishing Service is \InetPub\Wwwroot, and the
> content folder for the FTP Service is \InetPub\Ftproot.
>
>
> IIS requires both appropriate NTFS permissions and the appropriate user
> rights to access the Web server. The following table lists the
> authentication type and the corresponding user right that is required to
> use the specified authentication type:
>
>
>
>
> Authentication Type Required User Right
> ------------------- -------------------
> Anonymous Log on locally (Password
> Synchronization disabled)
> Anonymous Access this computer from the network
> (Password Synchronization enabled)
> Basic (Clear Text) Log on locally
> NT Challenge Response Access this computer from the network
> Digest (IIS 5.0 only) Access this computer from the network
> Integrated (IIS 5.0 only) Access this computer from the network
>
> For additional information about how to determine which authentication
> types can be used by which browser and in which environments, click the
> article number below
> to view the article in the Microsoft Knowledge Base:
>
>
>
> KBLink:229694.KB.EN-US: How to Use the IIS Security 'What If' Tool
>
>
> For more information, see the "Security" topic in the Windows NT 4.0 Option
> Pack documentation. To view this topic, locate Microsoft Internet
> Information Server, locate Server Administration, and then locate Security.
>
>
>
> For more information, see the "Security" topic in the Internet Information
> Services 5.0 documentation. To view this topic, locate Administration,
> locate Server Administration, and then locate Security.
>
> For additional information about troubleshooting permission issues with
> IIS, click the article numbers below
> to view the articles in the Microsoft Knowledge Base:
>
>
>
> KBLink:271071.KB.EN-US: Minimum NTFS Permissions Required for IIS 5.0
> to Work
>
>
>
> KBLink:313075.KB.EN-US: How to Configure Web Server Permissions for Web
> Content in IIS
>
>
> KBLink:120929.KB.EN-US: How the System Account is Used in Windows
>
>
> KBLink:148437.KB.EN-US: Default NTFS Permissions in Windows NT
>
>
> KBLink:155253.KB.EN-US: Improper NTFS Permissions May Result in IIS
> Failure
>
>
> KBLink:265161.KB.EN-US: FP: Errors Appear When You Attempt to Connect
> to Database Results Page
>
>
> For additional information about how to connect to a Microsoft Access .mdb
> file from Active Server Pages (ASP), click the article number below
> to view the article in the Microsoft Knowledge Base:
>
>
>
> KBLink:251254.KB.EN-US: PRB: 'Disk or Network Error' or 'Unspecified
> Error' Returned When Using Jet
>
> QUERY WORDS
> ===========
>
> acl access control list manager domains IUSR_<computername>
> IUSR_<machinename> IUSR_<machine_name> IWAM_<computername>
> IWAM_<machinename> IWAM_<machine_name> folder folders directories akz
>
>
>
> ============================================================================
>
>
> --- Very difficult to read.. but better than nothing :)
>
>
> --
> Regards,
> Bernard Cheah
> http://support.microsoft.com/
>
>
> "Ademar G. Diaz" <ademar@isqsolutions.com> wrote in message
> news:ef1Y4XlFDHA.2108@TK2MSFTNGP10.phx.gbl...
> > The article "Minimum NTFS Permissions Required for IIS 5.0 to Work" seems
> > like it is not available anymore.
> >
> > And i've been unable to find those settings clearly stated by Microsoft
> > anywhere, not even in this forum.
> > All i have found is references to the aforementioned article.
> >
> > Would be somebody there so kind as to showme the rigth direction.
> >
> > Thanks in advance.
> >
> > Ademar Gonzalez
> > Programmer
> >
> >
- Next message: CQ: "Re: Security certificate"
- Previous message: Joseph Steinberg: "Re: Securing OWA with SSL."
- In reply to: BB: "Re: Minimum NTFS Permissions - There's such a thing???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
