IIS7

I am running windows server 2008 R2 with IIS7.  I used to run win2003 with IIs6 and we have a folder that has shared pictures available for all the different websites.  So we can use the pictures in the "resources" folder on my root C that all the websites had access to, probably read only.

Now with IIS7, when we try to access content in that same folder, pictures or what ever, it prompts for a username and password.

Does anyone know how to get around this, how to allow internet access (read only) to that folder if someone clicks on a website and the pictures are stored on that folder?

Am I making sense?
DanNetwork EngineerAsked:
Who is Participating?
 
ErezMorCommented:
did you make iis user (IUSR...something) authorizrd to read files from this folder (in my computer under this folder's properties...security settings)
0
 
DanNetwork EngineerAuthor Commented:
Yes, here's a list of all the users who have access:
creator owner
system
administrators
users
IIS_IUSRS

When I brought up that group (IIS_IUSRS), it's empty, there's no users in it, that's why it probably doesn't work.  So what user do I need to put in there?  I can't add Network Service, as that has a lot of access.
0
 
DanNetwork EngineerAuthor Commented:
Do I somehow need to enable "anonymous authentication is enabled".  I've been reading different sites and am trying to figure this out.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
ErezMorCommented:
no, there are no actual users, it's all users coming through web sites. but does this entry has read rights for the folder?
0
 
DanNetwork EngineerAuthor Commented:
I came accross this, but it won't let me add the nt authority\authenticated users to the administrators group???  why not...

The IUSR account is "NT AUTHORITY\IUSR", the SID is S-1-5-17. I tryed to put it in "Administrators" group but it didn't work.
 
The Solution!!!!
Under "Administrators" group I had to put the "NT AUTHORITY\Authenticated Users" with SID S-1-5-11.
0
 
DanNetwork EngineerAuthor Commented:
yes, I added the IIS_IUSRS group with read rights for security.  The folder is NOT shared.
0
 
DanNetwork EngineerAuthor Commented:
so under hte IIS_IUSRS group, I added the folowing user: NT Authority\IUSR(S-1-5-17)

Is that ok?
0
 
ErezMorCommented:
you need to share it as well (again with read permissions to iis users)
0
 
DanNetwork EngineerAuthor Commented:
But is it ok to add hte nt authority\IUSR user to that group, the IIS_IUSRS group?
Or is that giving to much access to that folder?
0
 
DanNetwork EngineerAuthor Commented:
Still failing, I shared the folder and gave hte iis_IUSRS group read only access, but still failing.

I get the following error:

401 - Unauthorized: Access is denied due to invalid credentials.

You do not have permission to view this directory or page using the credentials that you supplied.
0
 
brwwigginsIT ManagerCommented:
Most likely you'll need to add NETWORK SERVICE to the folder. The driving factor is what identity is being used by your app pool associated with the site.

If you look at the app pool properties, you can view/edit the identity used by the app pool.
0
 
DanNetwork EngineerAuthor Commented:
we have a major problem, now when anyone goes to our website, there's a logon prompt to just view our website, how do I fix this?  I removed everything I did.
0
 
DanNetwork EngineerAuthor Commented:
well, I had a coworker look at it and it's fixed, somehow the permissions for system was removed.
0
 
DanNetwork EngineerAuthor Commented:
Thanks guys, actually, the problem was, there were 3 files in there that were encrypted, so we had to change the file permissions on those three files, to unencrypted and it's working fine now.
0
 
ErezMorCommented:
good on ya mate
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.