Domain User Accounts -- iis security

anonymous NO[at]SPAM discussions.microsoft.com
5/20/2004 7:39:16 AM

Ok the site is already not anonymous as soon as you enter
the url it asks for a user/password. My problem is this I
have about 10 domains on my server, and users that have
access to modify certain domains via frontpage well the
users that have access to modify the other domains can
access the site that is not anonymous even though they are
not listed users of that site. Any help greatly apreciated

Thanks
[quoted text, click to view]

Bernard
5/20/2004 5:18:44 PM

If the site is anonymous access, anyone can access it. To avoid that you
need to configure other authentication method where user need to enter user
credential. You can also restrict site access based on IP address, meaning
if the IP is not in access list or in deny list, user will not be able to
access the site.
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/

[quoted text, click to view]

Ken Schaefer
5/21/2004 11:28:19 AM

Change NTFS permissions. Create groups of users. Only give the appropriate
groups permissions to the web content in each website.

At the moment you seem to be forcing authentication, but you are not denying
anyone access (everyone has access to everything). Instead, force
authentication, and limit the users who can access the content.

Cheers
Ken

[quoted text, click to view]
: Ok the site is already not anonymous as soon as you enter
: the url it asks for a user/password. My problem is this I
: have about 10 domains on my server, and users that have
: access to modify certain domains via frontpage well the
: users that have access to modify the other domains can
: access the site that is not anonymous even though they are
: not listed users of that site. Any help greatly apreciated
:
: Thanks
: >-----Original Message-----
: >If the site is anonymous access, anyone can access it. To
: avoid that you
: >need to configure other authentication method where user
: need to enter user
: >credential. You can also restrict site access based on IP
: address, meaning
: >if the IP is not in access list or in deny list, user
: will not be able to
: >access the site.
: >--
: >Regards,
: >Bernard Cheah
: >http://www.tryiis.com/
: >http://support.microsoft.com/
: >http://www.msmvps.com/bernard/
: >
: >
: >
[quoted text, click to view]
: in message
: >news:f88a01c43e10$198d0e50$a001280a@phx.gbl...
: >> I have iis server running windows 2000 server and have
: >> several domains. I noticed that users of other domains
: on
: >> my server can log onto protected domains. Although a
: user
: >> can not log onto another site using frontpage. Example
: >> User from domain 1 can log onto a non anonymous site at
: >> domain 2
: >> But the user from domain 1 can not front page into
: domain
: >> 2 with that account. How can I make it so that only
: >> people that are suppose to access that site can access
: it
: >> and not other users on my server
: >>
: >> Thanks
: >
: >
: >.
: >

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about iis security

iis security : Domain User Accounts