Re: Giving developer rights to access IIS 5.0

From: John Alderson (jalderson.nodata_at_adelphia.net)
Date: 02/26/04 

Date: Thu, 26 Feb 2004 11:03:18 -0500

"rlim" <anonymous@discussions.microsoft.com> wrote in message
news:4471AF99-1BDB-40B2-8C70-D7C21B2BF4A7@microsoft.com...
> We have a junior program developer who is creating .net web applications,
we have IIS installed on his XP for him to test the applications. Currently
he is set as power user/debug user/VS developer. We do not want to set him
as local administrator, but it seems like that is only way he could access
IIS from MMC. I might of missed a KB article or some of the threads on this
forum regards to this issue. If you have any suggestions or solutions would
be deeply appreciated. Thank you.
-------------------------
rlim,

The documented answer to this from Microsoft is "you must be an
Administrator". However, like you and many others, I have had a strong
desire to maintain some semblance of operational sanity with IIS servers.
To satisfy that need, I've put together a set of configurations that you can
use to grant limited IIS Administrator privileges without making these folks
full-fledged Administrators of the Operating System.

See my website at http://www.johnalderson.com - choose "IIS" from the left
hand menu then choose "IIS Operators".

Or, use this link for a non-framed direct link =>
http://www.johnalderson.com/IIS/iisoperators.htm

This technique will allow folks to add and modify virtual directories and
even websites, depending on what metabase level you make ACL changes. I
have used this method in production environments with success. That said,
the methods are certainly not perfect but I welcome feedback and/or
scenarios to research.

John Alderson

Relevant Pages

  • Re: Problem with connect computer wizard
    ... You mentioned that you're using Anonymous access with Administrator ... Open ConnectComputer properties in IIS. ... And there is only the DNS server be configured on client ...
    (microsoft.public.windows.server.sbs)
  • Re: 2003 server hangs at Applying Computer Settings - Cant login
    ... Or maybe the server was configured to auto-login the administrator -- and ... has always been catestrophic and requires reinstalling IIS. ... > accounts still loaded in memory, and therefore Exchange and other services ...
    (microsoft.public.windows.server.general)
  • Re: IIS FrontPage Virtual Sever Administration Site Administration : 401.1 for individual sites
    ... I have installed and can use the FrontPage extensions (sites published ... I have a Microsoft Sharepoint Administrator item in my Administrative ... tools and in IIS. ... install IIS. ...
    (microsoft.public.inetserver.iis.security)
  • RE: 2 Problems (INDIGO + ASP.NET 2.0)
    ... I have the following on my machine (Windows Vista build 5308) successfully ... Administrators group on the local computer to access the IIS metabase...", ... account, and to be also sure, I logged ... name "Administrator" which is the built-in administrator account with ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: 2 Problems (ASP.NET 2.0 + INDIGO)
    ... I have the following on my machine (Windows Vista build 5308) successfully ... Administrators group on the local computer to access the IIS metabase...", ... account, and to be also sure, I logged ... name "Administrator" which is the built-in administrator account with ...
    (microsoft.public.dotnet.framework.aspnet.security)