9SS
asked on
WebDav access/permissions using Active Directory
Having security access permision issues when I disable the anonymous account for our webDAV directory (yes its a virtual site & Yes we have adjusted permissions at the root site level). If anonymous is enabled then any user can browse our site and (http://www.vosinc.com/vosapps) and download or upload content. When logon anonymously is disabled and any of the other method of security in IIS is enabled (in an attempt to control access), the logon box is presented, one enters AD credentials and access is denied after going through this cycle 3 times, the first 2 times just cause the logon box to reappear.
Configuration of system Server 2003, IIS 6.0, seperate Active Directory controller
WebDAV; Virtual directory, files of directory on a 3rd server (domain member), Access permissions have been granted to this file directory on 3rd server
What else can I try
Configuration of system Server 2003, IIS 6.0, seperate Active Directory controller
WebDAV; Virtual directory, files of directory on a 3rd server (domain member), Access permissions have been granted to this file directory on 3rd server
What else can I try
lamaslany
Have you set the NTFS permissions on the folder(s) users are to upload to/download from?
ASKER
Yes, I have adjust file folder and directory permissions, I added individual users and the domain users group. I double checked users accounts making sure they in fact were members of the Domain users group. Again if I enable Anonymous then no problems but if I attempt to enable any other level of security be it local or domain controlled nobody can access this portion of the site. BTW we are not attempting to access this locally, we are in fact access or attemoting to access this via the internet using only IE at this point.
Can you confirm what type(s) of authentication you have allowed users to use for their login?
ASKER
NTLM
Have you tried Basic? (might be an idea to issue a selfcert to encrypt the credentials - and the data come to that!)
PS: Have you tried WFetch to watch the session?
ASKER
First off I have tried this and it still does not work, however even if Basic (clear text) did work it offers no real security and while I can generate a cert I do not understand how that will encrypt the Logon credentials while they are being transmitted.
ASKER
I have not tried WFetch, I'll give it a spin and C what it turns up
ASKER
The only way I found to fix this problem, regardless of activie Directory
1) Create an identical account to the one on the Active Direxctory Server on the local member server.
2) Grant this user admin rights
3) Create the Webdav virtual directory and Browse to a physical directory
3) Set the website permissions by right clicking the website in IIS and selecting permissions in ISS, then browse for the local users account, select the user(s). You can double check these permissions on the actual root folder via windows explorer. grant this user "Full Control" righhts to the site.
Now the system actually lets the user login, via the windows file explorer however, if you attempt to use an actaull application like Dreamweaver configured for webdav you can not logon.
1) Create an identical account to the one on the Active Direxctory Server on the local member server.
2) Grant this user admin rights
3) Create the Webdav virtual directory and Browse to a physical directory
3) Set the website permissions by right clicking the website in IIS and selecting permissions in ISS, then browse for the local users account, select the user(s). You can double check these permissions on the actual root folder via windows explorer. grant this user "Full Control" righhts to the site.
Now the system actually lets the user login, via the windows file explorer however, if you attempt to use an actaull application like Dreamweaver configured for webdav you can not logon.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.