Re: Intranet Security
- From: "Miha Pihler [MVP]" <mihap-news@xxxxxxxxxxx>
- Date: Tue, 22 Aug 2006 17:49:41 +0200
Hi,
Well this is usually quite simple. Remove Anonymous access on IIS for this
website or folder (if you haven't done so yet). Now what you need to do is
set up NTFS permissions on the folder where your files are stored that only
user 1, 2 and 3 can access (and e.g. administrators). If you remove everyone
else (e.g. everyone group, domain users group, .) from permission list,
users will get prompted for username and password (is you select basic
authentication) before they are granted access to the files.
Note: if you select basic authentication in IIS and you don't set up SSL
username and password are transferred in clear text from client to server.
--
Mike
Microsoft MVP - Windows Security
"Peter W. Caton" <PeterWCaton@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C02AA9BF-9E16-48FB-844C-7841E7D0A041@xxxxxxxxxxxxxxxx
Here is what I want to do with IIS on a Windows 2003 server. The server
is a
part of our domain.
I have a basic Intranet troubleshooting website setup in IIS.
I want to limit access to a specific group of Active Directory users. In
other words, AD users 1, 2, 3 can access the intranet website, all other
users are denied.
How can I accomplish this?
I should also note that I am rather new to IIS, so the more detail you can
provide, the better.
Thanks.
.
- Prev by Date: Re: Make Client Cert Required in IIS on SBS 2003?
- Next by Date: Re: Intranet Security
- Previous by thread: Re: IIS 6 Question: How to Publish from FrontPage 2003
- Next by thread: Re: Intranet Security
- Index(es):
Relevant Pages
|
