Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

HTPASSWD for NT 4 IIS www server

Posted on 1998-11-20
5
Medium Priority
?
341 Views
Last Modified: 2013-12-25
I have an NT 4 server running IIS.  How can I password protect the different directories using .htaccess and .htpasswd?  I do have access to an Apache web server and on the Apache all I do is run HTPASSWD and create the .htpasswd file.  When I copied the HTPASSWD file to the NT server it will not run.  Does anyone know how to do this on an NT server?
0
Comment
Question by:ccreel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:aioudine
ID: 1856574
Unix-like authentication (using .htpasswd)
is not support in IIS

It's implemented using NT security
By default, when you install IIS, you also create anonymous login user
(I don't remeber his login name, samething IU????)
which has read rigth to server root
To restrict access for specific directory  you should first assign NoAccess rigth to
anonymous user

Then create user account for each user whom you will grant rigth to access this directory
(login name, password)
And after this you should give this users read rigth to directory


HTH


0
 
LVL 5

Expert Comment

by:aioudine
ID: 1856575
Additional:
directory must be stored on NTFS partition
and checkbox "basic Autentication" in "WWW service" should be enabled
0
 

Author Comment

by:ccreel
ID: 1856576
That is the way that I am currently protecting the entire web site.  What I want to be able to do is have the main site open to the world with no password and have subdirs that are username and password protected.  If I leave the main site open to the world, I cant figure out how to then protect the underlying dirs.
0
 
LVL 5

Accepted Solution

by:
aioudine earned 400 total points
ID: 1856577
I don't understand why you can do this
On my test NT

I have following:
a) IUSR_SERVER account (anonymous internet access) is enabled
and his member of Everyone group

b) In Internet server manager I have
Anonymous, Basic, and Windows NT Autentication checkbox enabled

To restrict access by username/password

1) I create user using User Manager for Domain, set loginname (say private) , password
and in Policy menu grant them right "Login localy"
2) After this I create directory under wwwroot
3) Run NT Explorer, select this directory and rigth click on them
and click on "Properties"
4) Select Security tab and click Permission button
5) Remove permission for Everyone
6) Select Replace permition for subdirs
7) Add read permission for user "private"

After this user able to access regular dir (IIS docs for exaple)
but when his try access "private" dir, his got "Enter name/password"
popup windows and forced for entering valid loginname and password

PS This well described in IIS doc Chapter 5 "Securing Your Site Against Intruders"
available after instalation at http://youreserver/iisadmin/htmldocs/05_iis.htm#4h1

0
 

Author Comment

by:ccreel
ID: 1856578
Thanks for the fast response and the detailed answers.
0

Featured Post

Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question