Solved

HTPASSWD for NT 4 IIS www server

Posted on 1998-11-20
5
331 Views
Last Modified: 2013-12-25
I have an NT 4 server running IIS.  How can I password protect the different directories using .htaccess and .htpasswd?  I do have access to an Apache web server and on the Apache all I do is run HTPASSWD and create the .htpasswd file.  When I copied the HTPASSWD file to the NT server it will not run.  Does anyone know how to do this on an NT server?
0
Comment
Question by:ccreel
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:aioudine
ID: 1856574
Unix-like authentication (using .htpasswd)
is not support in IIS

It's implemented using NT security
By default, when you install IIS, you also create anonymous login user
(I don't remeber his login name, samething IU????)
which has read rigth to server root
To restrict access for specific directory  you should first assign NoAccess rigth to
anonymous user

Then create user account for each user whom you will grant rigth to access this directory
(login name, password)
And after this you should give this users read rigth to directory


HTH


0
 
LVL 5

Expert Comment

by:aioudine
ID: 1856575
Additional:
directory must be stored on NTFS partition
and checkbox "basic Autentication" in "WWW service" should be enabled
0
 

Author Comment

by:ccreel
ID: 1856576
That is the way that I am currently protecting the entire web site.  What I want to be able to do is have the main site open to the world with no password and have subdirs that are username and password protected.  If I leave the main site open to the world, I cant figure out how to then protect the underlying dirs.
0
 
LVL 5

Accepted Solution

by:
aioudine earned 100 total points
ID: 1856577
I don't understand why you can do this
On my test NT

I have following:
a) IUSR_SERVER account (anonymous internet access) is enabled
and his member of Everyone group

b) In Internet server manager I have
Anonymous, Basic, and Windows NT Autentication checkbox enabled

To restrict access by username/password

1) I create user using User Manager for Domain, set loginname (say private) , password
and in Policy menu grant them right "Login localy"
2) After this I create directory under wwwroot
3) Run NT Explorer, select this directory and rigth click on them
and click on "Properties"
4) Select Security tab and click Permission button
5) Remove permission for Everyone
6) Select Replace permition for subdirs
7) Add read permission for user "private"

After this user able to access regular dir (IIS docs for exaple)
but when his try access "private" dir, his got "Enter name/password"
popup windows and forced for entering valid loginname and password

PS This well described in IIS doc Chapter 5 "Securing Your Site Against Intruders"
available after instalation at http://youreserver/iisadmin/htmldocs/05_iis.htm#4h1

0
 

Author Comment

by:ccreel
ID: 1856578
Thanks for the fast response and the detailed answers.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Using SQL Scripts we can save all the SQL queries as files that we use very frequently on our database later point of time. This is one of the feature present under SQL Workshop in Oracle Application Express.
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
The viewer will learn how to dynamically set the form action using jQuery.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now