Solved

HTPASSWD for NT 4 IIS www server

Posted on 1998-11-20
5
336 Views
Last Modified: 2013-12-25
I have an NT 4 server running IIS.  How can I password protect the different directories using .htaccess and .htpasswd?  I do have access to an Apache web server and on the Apache all I do is run HTPASSWD and create the .htpasswd file.  When I copied the HTPASSWD file to the NT server it will not run.  Does anyone know how to do this on an NT server?
0
Comment
Question by:ccreel
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:aioudine
ID: 1856574
Unix-like authentication (using .htpasswd)
is not support in IIS

It's implemented using NT security
By default, when you install IIS, you also create anonymous login user
(I don't remeber his login name, samething IU????)
which has read rigth to server root
To restrict access for specific directory  you should first assign NoAccess rigth to
anonymous user

Then create user account for each user whom you will grant rigth to access this directory
(login name, password)
And after this you should give this users read rigth to directory


HTH


0
 
LVL 5

Expert Comment

by:aioudine
ID: 1856575
Additional:
directory must be stored on NTFS partition
and checkbox "basic Autentication" in "WWW service" should be enabled
0
 

Author Comment

by:ccreel
ID: 1856576
That is the way that I am currently protecting the entire web site.  What I want to be able to do is have the main site open to the world with no password and have subdirs that are username and password protected.  If I leave the main site open to the world, I cant figure out how to then protect the underlying dirs.
0
 
LVL 5

Accepted Solution

by:
aioudine earned 100 total points
ID: 1856577
I don't understand why you can do this
On my test NT

I have following:
a) IUSR_SERVER account (anonymous internet access) is enabled
and his member of Everyone group

b) In Internet server manager I have
Anonymous, Basic, and Windows NT Autentication checkbox enabled

To restrict access by username/password

1) I create user using User Manager for Domain, set loginname (say private) , password
and in Policy menu grant them right "Login localy"
2) After this I create directory under wwwroot
3) Run NT Explorer, select this directory and rigth click on them
and click on "Properties"
4) Select Security tab and click Permission button
5) Remove permission for Everyone
6) Select Replace permition for subdirs
7) Add read permission for user "private"

After this user able to access regular dir (IIS docs for exaple)
but when his try access "private" dir, his got "Enter name/password"
popup windows and forced for entering valid loginname and password

PS This well described in IIS doc Chapter 5 "Securing Your Site Against Intruders"
available after instalation at http://youreserver/iisadmin/htmldocs/05_iis.htm#4h1

0
 

Author Comment

by:ccreel
ID: 1856578
Thanks for the fast response and the detailed answers.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How can I split the array as 4 rows per line? 5 79
(URGENT) Help HTML and CSS Resizing Images 2 39
What about 192.168.1.0/28 3 30
Reinstall Putty Windows 7 5 44
Boost your ability to deliver ambitious and competitive web apps by choosing the right JavaScript framework to best suit your project’s needs.
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now