Re: Web.Config and Virtual Directory

From: Jeffrey Palermo (jeffreypalermo_at_yahoo.com)
Date: 05/05/04 

Date: Wed, 5 May 2004 13:27:04 -0500

In this case, I'm assuming you are using AD, and these people's windows
accounts have access to these files. Use NTFS security on the folder and
take out "Everyone" if it's there. Fix the NTFS permissions on the folder
with the restricted files so that only appropriate users have access. This
may be a job for your server administrator depending on how your
organization is set up.

Jeffrey Palermo

"Wm. Scott Miller" <Scott.Miller@spam.killer.wvinsurance.gov> wrote in
message news:OC2WI0sMEHA.3420@TK2MSFTNGP11.phx.gbl...
> IIS is set to Windows Authentication with all other methods disabled.
>
> Scott
>
> "Jeffrey Palermo" <jeffreypalermo@yahoo.com> wrote in message
> news:OPIf2ysMEHA.892@TK2MSFTNGP09.phx.gbl...
> > This is not an ASP.NET issue, but an IIS one.
> >
> > Use IIS security to authenticate users for this virtual directory. That
> > means you have to disable anonymous access.
> >
> > Jeffrey Palermo
> >
> > "Wm. Scott Miller" <Scott.Miller@spam.killer.wvinsurance.gov> wrote in
> > message news:O8%233TKsMEHA.3712@TK2MSFTNGP10.phx.gbl...
> > > We have a intranet site that allows one of our departments to search a
> set
> > > of pdfs and then look at them. Only problem is that only they and us
> > geeks
> > > should be allowed to see the pdfs. We have it locked down except for
> when
> > a
> > > person directly types in the url to a pdf. Currently, the PDFs are in
a
> > > virtual directory off the root of the server. Putting it under the
> search
> > > site also doesn't work. My understanding is that IIS looks as the
> virtual
> > > directory as a separate site and will not carry web.config settings
down
> > to
> > > it. Putting a web.config in the virtual directory directly doesn't
work
> > > either. How do I secure this virtual directory so only certain users
> can
> > > get to the pdfs?
> > >
> > > Scott
> > >
> > >
> > >
> >
> >
>
>

Relevant Pages

  • RE: Newer files written to a shared folder are unaccesable using Windows Explorer
    ... please disable web share on the folder to see if it is helpful. ... If the above step doesn't help, please perform clean boot and error check ... After Windows starts, follow these steps to manually start Windows Installer ... | the MPEG1 and 2 capture settings, installed IIS and enabled web sharing. ...
    (microsoft.public.windowsxp.network_web)
  • Newer files written to a shared folder are unaccesable using Windows Explorer
    ... Newer files written to a shared folder are unaccesable using Windows ... video capture card are visable using Windows Explorer but are not accessable ... the MPEG1 and 2 capture settings, installed IIS and enabled web sharing. ...
    (microsoft.public.windowsxp.network_web)
  • Re: NEED HELP WITH XP IIS SECURITY
    ... >could have access to certain files in IIS and who couldn't by right clicking ... >the file in Windows Explorer go to properties and then the security tab. ... >folder for security reasons and then write script to access that folder. ...
    (microsoft.public.inetserver.iis)
  • Re: NEED HELP WITH XP IIS SECURITY
    ... >could have access to certain files in IIS and who couldn't by right clicking ... >the file in Windows Explorer go to properties and then the security tab. ... >folder for security reasons and then write script to access that folder. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Attacked by UNIX Rootkit
    ... > sites and a FTP server. ... > folder "~tmp" and under that there is a folder with no ... if you failed to apply all the latest IIS and Windows patches [at ...
    (microsoft.public.inetserver.iis.security)