>-----Original Message-----
>Hi Ash,
>
>From my understanding to your issue, I think that the
IIS management
>console cannot match your requirement. Actually,
granting other people
>permissions to configure IIS is quite dangerous. For
example, if somebody
>can create an application with low protection level. He
can run any ASP
>page using the system account, which means he can
control the whole system.
>Therefore, if it is really necessary for you to delegate
the permissions, I
>suggest you delegate as few permissions as possible. For
example, you can
>write some code and call logonuser function to logon as
the administrator
>account to complete the tasks. You should limit the
user's ability of this
>management tool. I would suggest you to customize the
existing IIS HTML
>management tool. You can also build an IIS management
application to use
>the special accout or group to manage IIS. Each
operation in the
>application should be restriceted with the account or
group specified by
>you. You can narrow the NTFS ACL of directory or HTTP
access to only the
>accout or group specified by you. The ADSI and WMI can
help you a lot on
>programming to manage the IIS.
>
>Does this answer your question? Thank you for using
Microsoft NewsGroup!
>
>Wei-Dong Xu
>Microsoft Product Support Services
>Get Secure! - www.microsoft.com/security
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>.