Re: Need help on windows server 2003
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 05/11/04
- Next message: David Wang [Msft]: "Re: Accessing 32 bit COM components in 64 bit IIS"
- Previous message: David Wang [Msft]: "Re: .exe files download under IIS 6"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Need help on windows server 2003"
- Next in thread: Jeff Cochran: "Re: Need help on windows server 2003"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 11 May 2004 02:49:34 -0700
There is no way that IIS is going to do it automatically when you create a
project on it. Doesn't make sense from a security point of view.
Thus, the process that is creating the project on IIS would need to do it,
and that can be scripted.
One script that can do this is ADSUTIL.VBS, on the server:
CSCRIPT %SYSTEMDRIVE%\Inetpub\ADSUTIL.VBS SET
W3SVC/1/ROOT/<App/VdirName>/AccessScript 1
You can run the script remotely from the client assuming the user has admin
privileges on the server using the -s switch. All this is documented on
MSDN.
So, there are many ways to do this securely; I'm just saying that IIS is not
going to do the easy yet insecure method that you want -- you'll have to do
this securely in the fashion that makes sense for you. Are you saying the
company has time to develop but no time to secure the application that it
develops?
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // <anonymous@discussions.microsoft.com> wrote in message news:b39501c4373a$4a59da90$a101280a@phx.gbl... So youre telling me that there is no way to get it to happen automatically? there MUST be a way couse the cmpany has no time to develop AND change the run option every time they create a new project. >-----Original Message----- >As a part of security lockdown, IIS6 only serves static files by default. >Scripts like ASP will not work until you enable it to run on IIS6 AND enable >"Scripts" on the vdir/app that actually needs to run scripts. This is >totally by design -- secure by default. You have to configure and unlock >IIS functionality. > >This approach is far better than prior IIS versions, which had all the bells >and whistles enabled (so users would never need to "unlock" any >functionality as they grow more sophisticated) -- but history has shown that >this helps hackers more than end users. > >The end result of the "hostile Internet" is that it's a little more hassle >now for you to have to enable the "Scripts" permission when you add a >project, but I hope you realize this is for your own benefit. There is no >way that IIS6 will ever automagically enable "Scripts" permission when you >add a project remotely -- there is much potential security vulnerability >with what you're asking. > >-- >//David >IIS >This posting is provided "AS IS" with no warranties, and confers no rights. >// ><anonymous@discussions.microsoft.com> wrote in message >news:b31f01c4372e$f5321560$a501280a@phx.gbl... >Some time ago i set up a web/sql server for my company, >yet last week we were testing it and we found out that >IIS cannot show .asp pages (just non script and non app >pages) > >i found that i had to manually set the run permissions on >scripts only or run scripts and applications. > >how can i configure IIS to automatically do so when i >remotely add a project (with visual interdev) > >and if someone knows the awnser to this problem please >give a detailed walkthrough couse i am not that familiar >with windows server 2003. > >thanks in advance, > >Tars Talsma >Businesscorner system administrator > > >. >
- Next message: David Wang [Msft]: "Re: Accessing 32 bit COM components in 64 bit IIS"
- Previous message: David Wang [Msft]: "Re: .exe files download under IIS 6"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Need help on windows server 2003"
- Next in thread: Jeff Cochran: "Re: Need help on windows server 2003"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
