Re: file security/authentication

I have, granted permissions to this file to domain users. I had thought that
if ANONYMOUS access is turned off in IIS for an object and I authenticated
using INTEGRATED WINDOWS AUTHENTICATION, then the users credentials would be
passed to the object prior to access.




"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in message
news:eE3PNA1lGHA.3732@xxxxxxxxxxxxxxxxxxxxxxx
OK, so I must be missing something, or just do not get
what "vice the actual user . . . " means.
So, what you have done is not effecting what you want?
You did ACL the restricted part with a grant to the account(s)
that should have access ? Ideally this is with a group from
the domain that is also either in the IIS's Users group or is
granted network logon user right.

--
Roger Abell
Microsoft MVP (Windows Server : Security)

"Carl Hilton" <someone@xxxxxxxxxxxxx> wrote in message
news:ewSAGBvlGHA.3588@xxxxxxxxxxxxxxxxxxxxxxx
OK, I thought I had tackled this before a while a ago but forgot what I
did...

I am running IIS6 on a W2K3 server. for most of my site I have Anonymous
access authorized. I have one file that I want to use the local system
ACLs to authenticate with... I have turned off Anonymous access, I have
Integrated Authentication turned on. I have removed IUSR_XXXX from the
local ACL's. If I use my IE to access the file, the audit log shows a
failure for IUSR vice the actual user....

This is on an internal INTRANET,

How can I tweak the system so that the actual user's credintials are used
to verify file permissions.

Thansk
Carl






.

Relevant Pages

  • RE: Save IE password thorugh group policy
    ... that web site, this remote cookie will pickup the password so that the users ... You can configure IIS to Anonymous access or Digest ... Configure Authentication in IIS ...
    (microsoft.public.windows.group_policy)
  • Re: User ASPNET in SQL Server 2000
    ... When you hit a web application that has anonymous access, ... While I love integrated security in SQL Server, it is often a pain in web ... maintenance of accounts with access. ... >>> authentication", and has the same users as in Win 2000 ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: My boss....
    ... Click the Edit button under Authentication and access control, ... properties, Web site tab, Advanced button) ... Exchange virtual directory, clear the anonymous access box, clear Integrated ...
    (microsoft.public.windows.server.dns)
  • Re: Implement AuthenticationButton for anonymous and integrated access
    ... You'll want to set your portal up for anonymous access. ... Windows Authentication is checked. ... they are part of the SharePoint domain. ... users will be prompted to log in to access these javascript files. ...
    (microsoft.public.sharepoint.portalserver.development)
  • Re: ISA 2004 report problem; IP addresses instead of user accounts
    ... Firewall Clients did not have anonymous access. ... , web proxy, authentication. ... The only way to tell is by reviewing traffic in the isa ...
    (microsoft.public.isa)