Solved

Allow a web developer access to iis only

Posted on 2004-09-11
5
188 Views
Last Modified: 2010-05-18
I want to let a web programmer have access to iis on our web server and allow him to do so using terminal services.  How can I allow him access to iis only?  He develops dll files for the sites as well though I don't want to give him admin rights.

I've gotten the login part by switching terminal services to application mode but he can't access iis.

Is there a better way to do this all together?

Thanks in advance!
0
Comment
Question by:zenportafino
  • 2
  • 2
5 Comments
 
LVL 15

Expert Comment

by:Cyber-Dude
ID: 12037696
http://searchwin2000.techtarget.com/searchWin2000/downloads/MCSEWinServAiOch14.pdf

Great article for you. Its free and extremely valuable;

Cyber
0
 
LVL 1

Author Comment

by:zenportafino
ID: 12041229
Is that a site that requires a login?  I'm not getting that link to work.
0
 
LVL 1

Author Comment

by:zenportafino
ID: 12041272
OK I got the article.  It's good information on the basics of RRAS.  This user is in-house so a remote access set up is not necessary.  Sorry if I wasn't clear on that.  I want him to be able to open up remote desktop, point to the web server, login in locally to that web server, and then be able to open iis on it and place/replace dll files, configure all of the tabs in iis, create new virtual directories, all that good stuff.

I've got the logon locally issue part. I'm looking for a way to get him access to just iis. Can I modify the a built in role or set the acl on iis to grant him full control of the program (if possible)?

I don't want to use the administration site that is built in by default.

Thanks Cyber.
0
 
LVL 15

Accepted Solution

by:
Cyber-Dude earned 400 total points
ID: 12041772
OK, the basics you already have (according to the document); now all you have left with is to use one of the following remote control applications: You can use WinVNC (Server/Client),  Terminal services and forth...

I use WinVNC because it is free of charge and you can set a password to a remote desktop thus set a remote environment for the user where it can access resources you wish it would. After implementing the Server's side, its time to implement the client side. Remember, 1. you can set remote access policies as mentioned in the document I sent you... its all there; and 2. Set propper remote environment so that the remote user wont be able to do damage to your machine.

The link to WinVNC:
http://www.realvnc.com/winvnc.html

Cyber
0
 
LVL 1

Expert Comment

by:Ev-
ID: 12050778
If they only need to administer IIS do the following (this is close to what we do here);

Get them to install the IIS 6.0 Manager - these both are availbile from the MS website. http://tinyurl.com/q150.

Once that is done create a "tech" login that is a power user (?) of the server he wishes to admin. Get him to load the IIS6 Manger using "RunAs". You may be able to restrict the tech account to just IIS on the server, I have never looked closely into it.

This way you avoid him TSing onto the box, or even VNC'ing.

If he does need to be an admin to access IIS, at least he is doing it via a snap-in from his desktop, and not remotely controlling the server as one!

See how you go.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now