?
Solved

Allow a web developer access to iis only

Posted on 2004-09-11
5
Medium Priority
?
198 Views
Last Modified: 2010-05-18
I want to let a web programmer have access to iis on our web server and allow him to do so using terminal services.  How can I allow him access to iis only?  He develops dll files for the sites as well though I don't want to give him admin rights.

I've gotten the login part by switching terminal services to application mode but he can't access iis.

Is there a better way to do this all together?

Thanks in advance!
0
Comment
Question by:zenportafino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 15

Expert Comment

by:Cyber-Dude
ID: 12037696
http://searchwin2000.techtarget.com/searchWin2000/downloads/MCSEWinServAiOch14.pdf

Great article for you. Its free and extremely valuable;

Cyber
0
 
LVL 1

Author Comment

by:zenportafino
ID: 12041229
Is that a site that requires a login?  I'm not getting that link to work.
0
 
LVL 1

Author Comment

by:zenportafino
ID: 12041272
OK I got the article.  It's good information on the basics of RRAS.  This user is in-house so a remote access set up is not necessary.  Sorry if I wasn't clear on that.  I want him to be able to open up remote desktop, point to the web server, login in locally to that web server, and then be able to open iis on it and place/replace dll files, configure all of the tabs in iis, create new virtual directories, all that good stuff.

I've got the logon locally issue part. I'm looking for a way to get him access to just iis. Can I modify the a built in role or set the acl on iis to grant him full control of the program (if possible)?

I don't want to use the administration site that is built in by default.

Thanks Cyber.
0
 
LVL 15

Accepted Solution

by:
Cyber-Dude earned 1200 total points
ID: 12041772
OK, the basics you already have (according to the document); now all you have left with is to use one of the following remote control applications: You can use WinVNC (Server/Client),  Terminal services and forth...

I use WinVNC because it is free of charge and you can set a password to a remote desktop thus set a remote environment for the user where it can access resources you wish it would. After implementing the Server's side, its time to implement the client side. Remember, 1. you can set remote access policies as mentioned in the document I sent you... its all there; and 2. Set propper remote environment so that the remote user wont be able to do damage to your machine.

The link to WinVNC:
http://www.realvnc.com/winvnc.html

Cyber
0
 
LVL 1

Expert Comment

by:Ev-
ID: 12050778
If they only need to administer IIS do the following (this is close to what we do here);

Get them to install the IIS 6.0 Manager - these both are availbile from the MS website. http://tinyurl.com/q150.

Once that is done create a "tech" login that is a power user (?) of the server he wishes to admin. Get him to load the IIS6 Manger using "RunAs". You may be able to restrict the tech account to just IIS on the server, I have never looked closely into it.

This way you avoid him TSing onto the box, or even VNC'ing.

If he does need to be an admin to access IIS, at least he is doing it via a snap-in from his desktop, and not remotely controlling the server as one!

See how you go.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Check out what's been happening in the Experts Exchange community.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question