Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 573
  • Last Modified:

IIS Manager restriction

I have a web server that I want to keep secured and locked down, however there is 1 user on our web domain that I want to grant access to use IIS manager from her own work station and connect to the webserver.   This user is not an administrator nor do we want the user to have administrative rights.  Can we just grant access to IIS so the user can create, edit, delete websites as they wish, but not have administrative access to the rest of the server?

How can I do this?  I remember it being a sort of local policy or something similar that allows me to lock down who accesses and who can administer the websites on that server, and do this without having them log into the server and launching IIS manager from there.

Thanks
0
jpipitone
Asked:
jpipitone
1 Solution
 
Dave_DietzCommented:
Official answer:

Configuration of IIS to allow non-administrative users to administer IIS is unsupported.

However:

326902      ACLs and using MetaACL for metabase ACL permission changes
http://support.microsoft.com/default.aspx?scid=kb;EN-US;326902

Be careful with this - it gives you the ability to hose your Metabase in such ugly ways that recovery is impossible short of replacing the Metabase.  It also allows you to break security of IIS so badly that anyone can do anything to your server.

(I would wait for IIS 7.0 - there are solutions to this very situation.....)

Dave Dietz


 
0
 
jpipitoneAuthor Commented:
Thank you for your help!! This will help us out a ton...
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now