Solved

How To Get IIS-7 To Prompt For UID & P/W?

Posted on 2015-01-21
7
89 Views
Last Modified: 2015-01-21
Hello All...

We're newbies at this, so please bear with us on this.

We have used the ReCrystallize Pro software, which requires you to do this via IIS-7, to build a "WEB" Based Crystal Reporting portal, but we are *VERY* concerned about exposing our Server/Access to the general public at large.

All we want to accomplish here, is to allow certain end-users, whom we know, to use whichever web browser on whichever mobile device they own (Tablet, Smartphone, Desktop Computer away from their corporate building), to be able to run reports as needed.  Simple, simple.

We "think" we can use something like "https", and require a UserID & Password, to lock this down...are we correct here?  And, specifically, how do we go about doing this?  Any other suggestions?  We are not technical when it comes to IIS/Web configuration, so please be gentle and simple :-)

Thank you very much!...Mark
0
Comment
Question by:datatechcorp
  • 4
  • 3
7 Comments
 
LVL 4

Accepted Solution

by:
Praveen Kumar Bonala earned 500 total points
ID: 40562931
Hi ,
we have 4 authentication methods in IIS
Anonymous, Basic, integrated, Digest authentication methods.

Where Anonymous never ask for password and remaining 3 methods prompt for password for end user.

1. open IIS management console


2.In Features View, double-click Authentication.


3.On the Authentication page, select Basic Authentication.


4.In the Actions pane, click Enable to use Basic authentication with the default settings.


5.Optionally, in the Actions pane, click Edit to type the default domain and realm.


6.In the Edit Basic Authentication Settings dialog box, in the Default domain text box, type a default domain or leave it blank. Users who do not provide a domain when they log on to your site are authenticated against this domain.


7.In the Realm text box, type a realm or leave it blank. In general, you can use the same value for the realm name as you used for the default domain.

similarly you can try other authentication methods, check following link for reference...

https://technet.microsoft.com/en-us/library/cc733010(v=WS.10).aspx
0
 

Author Comment

by:datatechcorp
ID: 40562962
Hi Praveen...

Thank you *soooooo* much for responding.  Question...will implementing "Basic Authentication"...be enough of a stop gap...to harden both our Web Portal (i.e. the ReCrystallize piece) AS WELL as the Windows 2008 Server that the IIS resides on...from being hacked?  Is this the right approach?  Please let me know...it's very much appreciated!

Thanks!...Mark
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40563002
Yes,
you can proceed as per my knowledge it's right approach. Other wise you can go with Client certificate Mapping.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:datatechcorp
ID: 40563012
Hmmm...client certificate mapping...that sounds more secure (again, please excuse me...I'm a newbie :-)...

How do you implement something like that?  Is it a simple process?  Please let me know...Thanks!...Mark
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40563081
This task includes the following procedures:

Map Client Certificates One-to-One (IIS 7)

Map Client Certificates Many-to-One (IIS 7)

Map Client Certificates by Using Active Directory Mapping (IIS 7)

Please check following link to know about client certificate(Must read to understand concept...very simple)
https://technet.microsoft.com/en-us/library/cc732996(v=ws.10).aspx

Please check following link for step by step procedure to implement certificate maping

http://www.jayway.com/2014/10/27/configuring-windows-local-iis-to-use-your-self-signed-certificates-with-your-application/
0
 

Author Comment

by:datatechcorp
ID: 40563316
Thanks again Praveen...you've been *very* helpful!  Have a great day!...Mark
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40563420
Thank you....
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question