Re: windows password for website?
From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 09/07/05
- Next message: Roger Abell [MVP]: "Re: Good password change fails due to complexity."
- Previous message: Malke: "Re: Threat - DNS Host Name"
- In reply to: Duane Laflotte: "Re: windows password for website?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Sep 2005 19:55:38 -0700
The one added factor is that the domain groups that are to have access
do need to have login rights on the IIS server. This could be done by
granting that to the local group that is defined for granting NTFS perms,
or less desirably, by adding the domain groups into the Users group.
While this is not needed on an IIS that has been left poorly configured
with Domain Users in User as a result of the domain join, it is needed
if Users has been latched down.
Also, it may be worth using the IE adm policy settings in a GPO in order
to reduce support calls by forcing IE to present Windows credentials.
-- ra "Duane Laflotte" <dlaflotte@criticalsites.com> wrote in message news:%23RB2oXusFHA.3264@TK2MSFTNGP12.phx.gbl... > This is possible. You will just need to have the intranet server be > apart > of the domain that the users log into. Then create a local group on the > web > server and give that group NTFS rights on the directory where the intranet > is located. Remove the IUSR_MACHINENAME user from the directory. Switch > your virtual root for the intranet to NTLM authentication and remove > Anonymous. That should be all you need to do. Your users will not be > prompted for username and password as long as their browsers are set to > use > current authentication. Because its an intranet you probably wont have to > worry about this setting as it would come in under the "Local Intranet" > zone > which always "Automatically Logs on with current username and password". > Good luck! > Duane > > > -- > Duane Laflotte > MCSE, MCSD, MCDBA, MCSA, MCT, MCP+I > dlaflotte@criticalsites.com > http://www.criticalsites.com/dlaflotte > http://www.cyberspacesamurai.com > > > > "sblaw" <andreas.wieser@swarovski.com> wrote in message > news:1126008314.519443.262620@o13g2000cwo.googlegroups.com... >> i want a certain group of people to have access to an intranet platform >> - no remote-access! >> i would like to realize some kind of Single Sign On solution: is it >> possible to create a restricted area, where only this certain group of >> people has instant access to the page? i want them to enter their >> password when logging on their system, but not when entering the page? >> >> thanks a lot, andreas >> > >
- Next message: Roger Abell [MVP]: "Re: Good password change fails due to complexity."
- Previous message: Malke: "Re: Threat - DNS Host Name"
- In reply to: Duane Laflotte: "Re: windows password for website?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
