Solved

HTPASSWD for NT 4 IIS www server

Posted on 1998-11-20
5
340 Views
Last Modified: 2013-12-25
I have an NT 4 server running IIS.  How can I password protect the different directories using .htaccess and .htpasswd?  I do have access to an Apache web server and on the Apache all I do is run HTPASSWD and create the .htpasswd file.  When I copied the HTPASSWD file to the NT server it will not run.  Does anyone know how to do this on an NT server?
0
Comment
Question by:ccreel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:aioudine
ID: 1856574
Unix-like authentication (using .htpasswd)
is not support in IIS

It's implemented using NT security
By default, when you install IIS, you also create anonymous login user
(I don't remeber his login name, samething IU????)
which has read rigth to server root
To restrict access for specific directory  you should first assign NoAccess rigth to
anonymous user

Then create user account for each user whom you will grant rigth to access this directory
(login name, password)
And after this you should give this users read rigth to directory


HTH


0
 
LVL 5

Expert Comment

by:aioudine
ID: 1856575
Additional:
directory must be stored on NTFS partition
and checkbox "basic Autentication" in "WWW service" should be enabled
0
 

Author Comment

by:ccreel
ID: 1856576
That is the way that I am currently protecting the entire web site.  What I want to be able to do is have the main site open to the world with no password and have subdirs that are username and password protected.  If I leave the main site open to the world, I cant figure out how to then protect the underlying dirs.
0
 
LVL 5

Accepted Solution

by:
aioudine earned 100 total points
ID: 1856577
I don't understand why you can do this
On my test NT

I have following:
a) IUSR_SERVER account (anonymous internet access) is enabled
and his member of Everyone group

b) In Internet server manager I have
Anonymous, Basic, and Windows NT Autentication checkbox enabled

To restrict access by username/password

1) I create user using User Manager for Domain, set loginname (say private) , password
and in Policy menu grant them right "Login localy"
2) After this I create directory under wwwroot
3) Run NT Explorer, select this directory and rigth click on them
and click on "Properties"
4) Select Security tab and click Permission button
5) Remove permission for Everyone
6) Select Replace permition for subdirs
7) Add read permission for user "private"

After this user able to access regular dir (IIS docs for exaple)
but when his try access "private" dir, his got "Enter name/password"
popup windows and forced for entering valid loginname and password

PS This well described in IIS doc Chapter 5 "Securing Your Site Against Intruders"
available after instalation at http://youreserver/iisadmin/htmldocs/05_iis.htm#4h1

0
 

Author Comment

by:ccreel
ID: 1856578
Thanks for the fast response and the detailed answers.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Does your audience prefer people in photos or no people? How can you best highlight what you’re selling? What are your competitors doing, and what can you do that is different and unique from them?  Continue reading to learn how to make your images …
Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question