Control IIS website access to users with Active Directory

Question

Basic authentication question. I have my website up and it is set up to be used by Windows Active Directory users.

How can I control access to the website within AD users so that some have access and some don't?

Is this something I can do from IIS console?

Don't have time for a full answer, but put the users in an access group, then assign file permissions to only that group. Also, should be using at least HTTP Digest, Win Integrated would be better. Basic sends passwords in clear text, easily scooped up be nefarious people. — Chris S, Dec 11 '11 at 15:28

score 0 · Answer 1 · answered Dec 11 '11 at 01:29

Yes, I think that you can use the IIS Shell. I'm not sure, though.

You may want to take a look at this: http://technet.microsoft.com/en-us/library/cc778815(WS.10).aspx

To quote the site:

"You can control which users and computers are allowed to access your Web server and its resources. You can use both NTFS and Internet Information Services (IIS) security features, such as Web permissions and IP address restrictions, to specific access rights to Web sites, directories, and files."

score 0 · Answer 2 · answered Dec 12 '11 at 14:55

0

For IIS version 7 and higher: open the IIS Manager, select application or folder, activate .NET Authorization Rules, edit rules. Use the following link to read more about ASP.NET Web Application Security

answered Dec 12 '11 at 14:55

begemot

76
3

Control IIS website access to users with Active Directory

2 Answers2