Re: Defining access rights on physical folder for publishing

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 01/05/04

Next message: Dion: "Disable/uninstall frontpage server extensions"
Previous message: Karl Levinson [x y] mvp: "Re: IIS Security and Microsoft Software Update Service (SR1)"
In reply to: Vince C.: "Defining access rights on physical folder for publishing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 5 Jan 2004 02:03:11 -0800

Since you are requiring Authentication, IIS uses the authenticated identity
to execute requests on the server. You can, of course, configure IIS to use
certain fixed identities to service anonymous and UNC requests, but that's
up to your configuration.

-- 
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Vince C." <none@hotmail.com> wrote in message
news:ub8sYqh0DHA.1272@TK2MSFTNGP12.phx.gbl...
Hi.
I've setup a web publishing folder on a W2K machine with IIS 5. FrontPage
Server
Extensions are enabled on that folder as I must use FrontPage and its
features
when editing pages.
I've also designed an intranet application to work with that publishing
folder
so that authors must authenticate - I've disabled anonymous access and base
authentication. They indirectly create folders when a specific page is
called.
That page must create a directory tree, which depends on the authenticated
user
name, in the web publishing folder, the root folder. All authors belong to a
local security group, say Authors.
How should I setup root folder security such as any author can create
folders.
Author should have r/w access to their own files, folders and subfolders but
only read access anywhere else.
This must be a combination between the Authors group and CREATOR OWNER. But
if
someone could help me a little bit on using the appropriate rights in W2K
(quite
enhanced) security, I would be thankful.
A sub question would be: does IIS use supplied credentials when creating
objects
on a disk or just IUSR_MachineName?
Thanks,
Vince C.

Next message: Dion: "Disable/uninstall frontpage server extensions"
Previous message: Karl Levinson [x y] mvp: "Re: IIS Security and Microsoft Software Update Service (SR1)"
In reply to: Vince C.: "Defining access rights on physical folder for publishing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: iis - authenticate thru domain username/password
... Disable "allow anonymous authentication" using the IIS MMC Snapin for the ... set the NTFS permissions for that folder as required. ... iis - authenticate thru domain username/password ...
(Focus-Microsoft)
Re: IIS / NTFS permissions
... I have double checked the NTFS settings and there's only ... I'm using IIS 5.0 on Windows 2000 Server. ... >> Further, if I enable anonymous authentication, IIS ... >> the folder. ...
(microsoft.public.inetserver.iis.security)
Authentication Question
... IIS then properties of the folder and select Directory ... checked "Digest authentication for Domain servers". ... I have compared user groups and they are ...
(microsoft.public.inetserver.iis.security)
Re: setting up a webshare
... >>I have a folder i'd like to make available across the internet. ... >> it connects fine and displays the user authentication dialog box. ... > (A web share is really an IIS virtual directory.) ...
(microsoft.public.inetserver.iis)
Re: HELP PLEASE The request failed with HTTP status 401: Access Denied.
... Web Security: Part 2: Introducing the Web Application Manager, Client ... Authentication Options, and Process Isolation ... It introduces the Web Application Manager in IIS that ... logon session, which is dangerous. ...
(microsoft.public.dotnet.framework.aspnet.security)