[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 201
  • Last Modified:

Allow a web developer access to iis only

I want to let a web programmer have access to iis on our web server and allow him to do so using terminal services.  How can I allow him access to iis only?  He develops dll files for the sites as well though I don't want to give him admin rights.

I've gotten the login part by switching terminal services to application mode but he can't access iis.

Is there a better way to do this all together?

Thanks in advance!
0
zenportafino
Asked:
zenportafino
  • 2
  • 2
1 Solution
 
Cyber-DudeCommented:
http://searchwin2000.techtarget.com/searchWin2000/downloads/MCSEWinServAiOch14.pdf

Great article for you. Its free and extremely valuable;

Cyber
0
 
zenportafinoAuthor Commented:
Is that a site that requires a login?  I'm not getting that link to work.
0
 
zenportafinoAuthor Commented:
OK I got the article.  It's good information on the basics of RRAS.  This user is in-house so a remote access set up is not necessary.  Sorry if I wasn't clear on that.  I want him to be able to open up remote desktop, point to the web server, login in locally to that web server, and then be able to open iis on it and place/replace dll files, configure all of the tabs in iis, create new virtual directories, all that good stuff.

I've got the logon locally issue part. I'm looking for a way to get him access to just iis. Can I modify the a built in role or set the acl on iis to grant him full control of the program (if possible)?

I don't want to use the administration site that is built in by default.

Thanks Cyber.
0
 
Cyber-DudeCommented:
OK, the basics you already have (according to the document); now all you have left with is to use one of the following remote control applications: You can use WinVNC (Server/Client),  Terminal services and forth...

I use WinVNC because it is free of charge and you can set a password to a remote desktop thus set a remote environment for the user where it can access resources you wish it would. After implementing the Server's side, its time to implement the client side. Remember, 1. you can set remote access policies as mentioned in the document I sent you... its all there; and 2. Set propper remote environment so that the remote user wont be able to do damage to your machine.

The link to WinVNC:
http://www.realvnc.com/winvnc.html

Cyber
0
 
Ev-Commented:
If they only need to administer IIS do the following (this is close to what we do here);

Get them to install the IIS 6.0 Manager - these both are availbile from the MS website. http://tinyurl.com/q150.

Once that is done create a "tech" login that is a power user (?) of the server he wishes to admin. Get him to load the IIS6 Manger using "RunAs". You may be able to restrict the tech account to just IIS on the server, I have never looked closely into it.

This way you avoid him TSing onto the box, or even VNC'ing.

If he does need to be an admin to access IIS, at least he is doing it via a snap-in from his desktop, and not remotely controlling the server as one!

See how you go.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now