[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 275
  • Last Modified:

I just want to put a large file on our webserver for someone to download!

Normally I would just put it somewhere on the portion of the server that's open up to everybody and then send the (http) link in an e-mail to the recipient.  Simplicity itself. Then take it down after they have retrieved it.  But now people are telling me this isn't safe and I need to make them enter a password to get the file.  This is easy to do, right?  (crosses fingers)  I hope somebody can help me.  Our web server is Windows Server 2003 R2, Standard, SP2.  I (scarily) have full access to it.  I see something about FTP Sites in the IIS Manager ... hmmm.  Don't know where to ask this question, maybe somebody can tell me that also.
0
stevnated
Asked:
stevnated
3 Solutions
 
mars-vieCommented:
You should make a directory which holds the download files within your public site e.g. z_downloads
Then you should set up a new user.
Add the new user to the directory and grant read access to that user.
Remove the I_USR account from this directory.
Send the URL to the file and username/passowrd to your recipient.
An authentification window will pop up when accessing the file.

0
 
pod86Commented:
Hi,

You can setup Authenticated Access on IIS:

1. Integrated Windows Authentication: encrypts the password sent to the server (we recommend this method)
2. Digest Authentication: this level works only if Active Directory is configured
3. Basic Authentication: sends the password across the network in clear text (we do not recommend this method)
4. .Net Passport Authentication: a web authentication service

Following site for instructions: http://www.hosting.com/support/dedicated/IIS/passwordprotect

FTP is another service which you can setup which is just purely for sharing files.

To setup on windows 2003: http://support.microsoft.com/kb/323384
0
 
Brad HoweCommented:
Based on the requirements. Without investing time into a Login page, windows basic auth will to the trick. It is a low level Challenge/Response authentication that requires local accounts (NON-ADMIN) to be created on the web server.

It is however non-encrypted, so if the information is classified or critical, i would suggest other methods.

How to configure IIS Web site authentication in Windows Server 2003
http://support.microsoft.com/kb/324274

Cheers,
Hades666
0
Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

 
stevnatedAuthor Commented:
Thanks everybody, I'm going to try this today ...
0
 
Brad HoweCommented:
Did you ever get around to testing this? - Hades666
0
 
stevnatedAuthor Commented:
I don't have access to that server any more  but my co-worker might need this information.  Thanks but we can just close it out.
0
 
stevnatedAuthor Commented:
Just maxing you out because it's my fault I didn't ever take the advice!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now