Permissions_on_ASP.DLL_in_.\system32\inetsrv

Rod Tesanovic
3/30/2004 9:44:34 AM

Hi,

I faced quite a challenge after setting up CA server on
domain controller on freshly installed Windows 2003
Server. Anyone except domain administrators could not
access .\certsrv WEB page. After tremendous time of
checking possible and impossible I finally got to ASP.DLL
where "domain\user" group was the one to have read access,
but there was no groups like Everyone or "domain\domain
users". As soon as I put my testing account
into "domain\user" group all was good.

My question is: Why is this set this way by default
obviously? What would be the recommendation for security
maintenance of ASP.DLL? Do I just give "domain users" read
and read & execute or .

Thanks

Rod Tesanovic
3/31/2004 8:56:12 AM

All seem to be OK except that my built-in domain local
group USERS was not inhabited by "domain users". Thanks a
lot for a useful link.

[quoted text, click to view]

Bernard
3/31/2004 3:39:47 PM

You might want to try this kb.
INFO: Default Permissions and User Rights for IIS 6.0
http://support.microsoft.com/?id=812614

I setup CA /certsrv before, I do not have any problem with it,
by default, /certsrv allow anonymous acces.

--
Regards,
Bernard Cheah
http://support.microsoft.com/
http://www.msmvps.com/bernard/

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about iis security

iis security : Permissions_on_ASP.DLL_in_.\system32\inetsrv_folder