Below are the steps i used in Hardened windows 2003 with IIS pre-installed. any suggestion/recommendation greatly appreciated.
1. Create a local user called "HRser"
2. create a New website in IIS called "HR"
3. Install the web application by choosing the New Website created. Also, removed the "Virtual Directory" content.
4. install the system successfully.
5. goto IIS, and right click the system installed and choose "Directory Security"
5a. Click Edit and ensure "Anonymouse" ticked.
5b. Change the username to the New user created "HRUser" and enter the password. I removed the default id which is IUSR_machine name
6. Also, Click "Permissions" and give the read/browse/execute access for the new user created.
7. set the port to 8080
When i run the system using brower, the following Error message appears:
"the current identity (NT AUTHORITY\NETWORK SERVICE) does not have write access to 'C:\WINNT\microsoft.net\fr
amework\v2
.0.50727\t
emporary asp.net files'
8. so, therefore i have added NT AUTHORITY\NETWORK SERVICE read/write access to C:\WINNT and it's sub folders.. Is it right????????
Question 1.
========
The steps followed are correct?? any suggestion/recommendation to change greatly appreciated.
Question 2.
========
the system also have the option to "Upload" files to certain folders. e.g. D:\app\upload
So, i presume i can give the Read/Write "D:\app\upload" for new user created ("HRuser") and Network service..
