Re: Locking down FPSE

Yes, its version 2000 (its on IIS 5.0). As it is set now, the Everyone
group is currently given Browser role. However, anyone with Interdev
installed can still read the source codes.

Ken Schaefer wrote:

The answer to this question depends on which version of FPSE you are using.

For FPSE2000 (which ships with IIS5.0), the configuration of FPSE offers to
create three local groups (admins, authors and browsers). If you do not
choose to create these groups, you can run into problems such as what you
are experiencing. You should create these groups, and place the necessary
users into each group. FPSE2000 uses NTFS permissions to control access to
files. Provided you create the groups, and the other users are not in the
Authors or Admins group, they won't be able to get access to source code.

For FPSE2002 (which ships with IIS6.0, and can be installed on IIS5.0 as
well), you can either use Window accounts or non-Windows accounts to control
access. Again, ensuring that not everyone has access to source does rely on
configuring this properly.


"psychogenic" <angrylife@xxxxxxxxx> wrote in message
: Does Visual Interdev use an account to gain access to a remote web
: server or does IIS treat it as an anonymous guest user? We have web
: developers who insist on having FPSE installed on the production server
: but the problem is we also have other people in our WAN who have
: Interdev installed (other subnets) and can reach and read source codes
: on the server. This of course is a big issue with them but they also
: don't want to lose FPSE. In the past I've always had web teams install
: FPSE on an anonymous test server and then ftp/copr-n-paste their
: changes onto the production site but in this situation it looks like I
: can't do that... yet. How do you all lock down FPSE if it were placed
: on a web server that's public and accessible to the public? :(