IIS 5.0 permissions - TechRepublic
General discussion
February 7, 2001 at 04:51 AM
agibbs

IIS 5.0 permissions

by agibbs . Updated 25 years, 4 months ago

Hey all. I’m trying to restrict access to a folder within a website so only one user has access. Here’s the problem:

Let’s say the website I’ve created in IIS points to d:\webs\mydomain.com\wwwroot. Permissions on this folder are

SYSTEM and ADMINISTRATORS: Full Control
IUSER_MACHINE: Read/Execute

The folder I want to secure is d:\webs\mydomain.com\wwwroot\intranet. Permissions here same as above, plus:

TESTUSER: Full Control

So, I turn off Anonymous access and enable Basic Authentication ONLY for the /intranet folder within IIS. Now, if I try to access http://mydomain.com/intranet, I am prompted for a username and password (duh). But, I log in as TESTUSER and it prompts me again! Like TESTUSER doesn’t have access.

Now, I grant TESTUSER READ/EXECUTE access to the root (d:\webs\mydomain.com\wwwroot) and now I can log in to http://mydomain.com/intranet with full control. Is there some issue with IIS where a user must have at least READ access to the root webbefore they can be granted any access to a subfolder?

This discussion is locked

All Comments