• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

Assigning private virtual directory in IIS 6.0 for each user from web (Windows 2003 AD)

Hi,

I'm wondering how to actually configure personal directory for user using IIS 6.0 ?
the idea is so that from web browser User John can only browse directory /John not the other directory.

I've created user John and giving the directory permission access only to John and Administrator by right clicking the folder in Explorer, but John still be able to browse the other directory ?

any idea would be appreciated.

Thanks.
0
jjoz
Asked:
jjoz
1 Solution
 
WadskiIT DirectorCommented:
Disallow John 'browse' in other directories, disallow IUSR_XXX in other directories in Folder security
Check you haven't inherited permissions in the folders below the root folder
and turn off anonymous directory browsing in IISMgr
0
 
jjozAuthor Commented:
Wadski,
how can you disallow user "John" browse in IIS ?
if I uncheck the "Directory Browsing" John also could not browse his own directory.
0
 
Ted BouskillSenior Software DeveloperCommented:
Sorry, out of the box IIS doesn't support this level of granularity for permissions.
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
pironicCommented:
Correct me if I am wrong but i think this is what i think you need.

Active Directory user name John access to http://members.yoursite.com/John
But if someone other than John trys to hit that URL it would prompt them to login... because they are denied?

To do that here is the steps.

Open your IIS control panel, find the site you are hosting your member's pages on, left click on it to select it.

Right click on the virutal directory you have already created, in this case John > Click properties

Click on the tab entitled Directory Security > There is a section called "Authentication and Access Control" click the button Edit in this section.

By default it should be inheriting the settings from the parent members website, which would most likely allow annonymous access. Unclick this if this is the case.
While in this screen also make sure you are using the Integrated Windows Authentication... you could use others too, but this is the easiest to setup right now. (essentially plug and play for an AD environment)

Click okay and close out of the properties windows that are open.

Make sure that only John and whomever should be able to view this directory have actual read permissions of this directory by going through windows explorer and manipulating the permissions (which by the sounds of it, you have already done)

I hope this is what you need... Let us know if not.
0
 
jjozAuthor Commented:
pironic,

You almost correct, actually the solution to this problem is to remove the check in "allow inheritable permissions from the parent to propagate to this object"

after that i can specify explicitly on the list who has the access to hat website through IIS.

thanks to all anyway for replying and giving comments on this thread.

Cheers.
0
 
pironicCommented:
np, have a good night!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now