Assigning private virtual directory in IIS 6.0 for each user from web (Windows 2003 AD)


I'm wondering how to actually configure personal directory for user using IIS 6.0 ?
the idea is so that from web browser User John can only browse directory /John not the other directory.

I've created user John and giving the directory permission access only to John and Administrator by right clicking the folder in Explorer, but John still be able to browse the other directory ?

any idea would be appreciated.

Who is Participating?
jjozConnect With a Mentor Author Commented:

You almost correct, actually the solution to this problem is to remove the check in "allow inheritable permissions from the parent to propagate to this object"

after that i can specify explicitly on the list who has the access to hat website through IIS.

thanks to all anyway for replying and giving comments on this thread.

WadskiIT DirectorCommented:
Disallow John 'browse' in other directories, disallow IUSR_XXX in other directories in Folder security
Check you haven't inherited permissions in the folders below the root folder
and turn off anonymous directory browsing in IISMgr
jjozAuthor Commented:
how can you disallow user "John" browse in IIS ?
if I uncheck the "Directory Browsing" John also could not browse his own directory.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Ted BouskillSenior Software DeveloperCommented:
Sorry, out of the box IIS doesn't support this level of granularity for permissions.
Correct me if I am wrong but i think this is what i think you need.

Active Directory user name John access to
But if someone other than John trys to hit that URL it would prompt them to login... because they are denied?

To do that here is the steps.

Open your IIS control panel, find the site you are hosting your member's pages on, left click on it to select it.

Right click on the virutal directory you have already created, in this case John > Click properties

Click on the tab entitled Directory Security > There is a section called "Authentication and Access Control" click the button Edit in this section.

By default it should be inheriting the settings from the parent members website, which would most likely allow annonymous access. Unclick this if this is the case.
While in this screen also make sure you are using the Integrated Windows Authentication... you could use others too, but this is the easiest to setup right now. (essentially plug and play for an AD environment)

Click okay and close out of the properties windows that are open.

Make sure that only John and whomever should be able to view this directory have actual read permissions of this directory by going through windows explorer and manipulating the permissions (which by the sounds of it, you have already done)

I hope this is what you need... Let us know if not.
np, have a good night!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.