humanoid Posted October 11, 2004 Share Posted October 11, 2004 Hi, A friend of mine was having a problem with Windows 2000 server. Before she migrates to Windows 2000 server, she was using Windows NT 4.0 as a webserver. Back then, she configures the permission settings to allow every users to be able to view her websites without having to login, and only authorized users (login required) are able to access to the source codes/data/web folder (via the "Add network place" function). Recently, she migrated from Windows NT 4.0 to Windows 2000 server. Using the same permission settings as Windows NT 4.0, she was unable to get her webserver to function like before. Whenever she enables the password protection for the web folder (where the source codes and other data are stored), other users will be required to login in order to view the websites (not every users have a user account). Anyone who have encountered such problem before? She tought that the security structure for Windows 2000 server has been changed? Any thoughts about this matter? p/s: Sorry if i'm not being clear enough as this is what i've been told by her. Thanks Link to comment Share on other sites More sharing options...
Zero Posted October 11, 2004 Share Posted October 11, 2004 The account 'IUSR_[Machine Name]' should have 'Read/List Contents' permissions on your 'Inetpub\wwwroot\' or equivalent folder. Adjust the permissions for the sub folders to fit your needs. Remove IUSR_xxx and add the User/Group with the appropriate permissions. The Microsoft Baseline Security Analyzer is a good tool to lockdown IIS. Link to comment Share on other sites More sharing options...
humanoid Posted October 11, 2004 Author Share Posted October 11, 2004 Thanks for your reply Zero Link to comment Share on other sites More sharing options...
Recommended Posts