Best Practice user setup for external / internal Anonymous IIS user
Posted on 2012-09-05
I have several external web sites located on a web server running IIS 6.0, Windows Server 2003. I recently changed our domain and upgraded everything to Windows 2008 server/domain except the external IIS server.
When reviewing the old AD setup it has an anonymous user account, supposedly built in, that as listed as a member of domain users.
When I changed the domain anyone trying to access the web site was prompted for a user id and password. I created a local user on the IIS server and did not make it a member of domain users. I then update the user and password in IIS 6.0 and no more prompting.
I want to control all users via AD and was wondering what is the best practice for this anonymous user? It doesn't seem correct to make the anonymous user as a member of domain users.... I want to get little access.