On Wed, 21 Apr 2010 08:54:20 +0200, "Florian Frommherz [MVP]"
<> wrote:
>Howdie!
>
>On 20.04.2010 16:55, Chris wrote:
>> I have IIS7 setup with a directory secured using BASIC Authentication only.
>>
>> The directory is on a network share but only two Active Directory usernames
>> have NTFS permissions to this folder. One username is for the IIS entry to
>> have permission to the share. The second username is to be used
>> externally/publically when visiting the website.
>>
>> It works great. The username can login fine. But...
>>
>> So can all the other usernames within Active Directory. I have isolated this
>> shared folder to only allow these two usernames (both in their own security
>> groups too), yet every username in AD can login.
>>
>> Why is this? IIS seems to be doing something odd.
>
>What else do you have enabled for authentication methods? If I remember
>correctly, when having "Anonymous" enabled, IIS would use the builtin
>account to access the resources.
>
>Cheers,
>Florian
I would also llike to add, if accessing the site's URL using the
NetBIOS name of the web server, it will use the logged on user's
context for authenticaiton, however if accessing the URL using the
FQDN, it will always prompt for credentials, that is if Anonymous is
disabled.
Ace
This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.
Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.
Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Linear Mode
