IIS 6 question

Discussion in 'Windows Server Systems' started by gballard, Jul 5, 2005.

  1. gballard

    gballard Moderator

    Messages:
    549
    We have a server here at the office that serves as a repository of all of our server information, docs, files, etc. A few years back I threw together a rather crude webpage that housed tech support numbers, Terminal Server Advanced Client, and other pertinent information related to our servers in the company. The only group that needs to access this information is the Domain Admins group. At one time I had the security set on this website so that non-members of the Domain Admin group would get prompted for a username, password, and domain when they tried to hit the page and could go no further. For some reason, that prompting has stopped and now any user on the domain can hit the page with no problem. Could anyone familiar with IIS 6 perhaps point me to some documentation that describes securing this website. Thanks in advance for any info.
     
  2. ThePatriot

    ThePatriot -=[BOHICA!]=- Political User

    Messages:
    1,742
    Location:
    Pennsylvania
  3. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I agree with the article listed above me, good post by him. Sounds like somehow things got messed up, and IIS reverted to Integrated Windows Authentication. (This would be why no one is being prompted for credentials)
     
  4. madmatt

    madmatt Bow Down to the King Political User

    Messages:
    13,312
    Location:
    New York
    I haven't read the article, but you can set permissions on the directory itself.

    e.g. C:\Inetpub\wwwroot

    Set permissions so only Domain Admins have access to it.