Solved

Necessary Permission to Edit IIS 6.0 Settings

Posted on 2009-04-14
5
664 Views
Last Modified: 2012-06-21
I'm trying to grant a user access to make changes to IIS 6.0 without making them an administrator on the machine. There are other services and software on the server that I do not want the user to be able to alter.

My initial plan was to set up the user to remotely edit IIS using the Management snap-in in mmc but I can't seem to find any information on what the minimum required permissions are to make changes to IIS. Does a user HAVE to be an administrator to make IIS changes?

Thanks,
TechSOS
0
Comment
Question by:TechSOS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 10

Expert Comment

by:harperse
ID: 24148298
TechSOS,

It really depends on what you are trying to avoid having them do.  Power Users and Server Operators can both administer IIS.  Depending on your group policy, you may need to add them to Remote Desktop Users to give them console access, if that is desired.  Otherwise, remote MMC will work with those rights.

Best of luck,
harperse
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 24154509
They need to be local administrators.
0
 

Author Comment

by:TechSOS
ID: 24167303
We have the system set to only allow admins to Remote Desktop. I don't want to make these new users admin because I don't want them to have Remote Desktop access.

Giving them Power User rights still gives me the "You have been denied access to this machine." message.

It does work if I make them administrators... but I'm trying to avoid that.

Are there any specific permissions I could put on say... the IIS executable or anything that might work?
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 500 total points
ID: 24171247
No.  This question has been asked many times on this site.  The answer is always, "They must be local administrators"  It's too protect the OS.  A badly configured web application is as dangerous as giving them full remote access.  If you don't trust them to use remote desktop then you shouldn't trust them to change IIS.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question