#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2004
    Posts
    3
    Rep Power
    0

    Hiding Navigation Links In IIS Environment ...


    My company is running an intranet file publishing application that moves files (documents, spreadsheets, Visio files, etc.) from a Windows 2000 file server to IIS 5.0 about every two hours, daily. The file server is mapped to various desktops throughout the organization and once the files are published users can search for them leveraging the IIS Indexer. Some users can and do add metadata to their documents by filling out a flat file (pre formatted text file) that is simmilarly named to its corresponding document, so that web surfers can also use keyword searches to locate their target files.

    The directory structure on our file server is comprised of the department names which make up our compnay.

    Management has come to me and has requested a new set of folders/subfolders to be added to our directory structure that can be viewed and queried ONLY by a defined group.

    However, our intranet publishing application does not use or have it's own permissions. But it will pass through the read, write permissions established from the OS of the file server.

    Problem with this is end-user searches still render the document names that appear in these Managment folders, on the results page, and folder names are still within view to any employee web surfer browsing through our intranet navigation. This won't fly with Management. They want the folders to be hidden and the file names/index not to be exposed.

    My question is, how can I leverage the applications that are already in place (they won't buy a more expense document publishing application), and somehow get more out of IIS 5.0 /Windows 2000, and or a database to hide the folders and files from within the navigation (for all but Management) and from casual searches. Someone told me the using ASP searching could solve part of the problem, but I'm not famalier wiht that . Pleae Help And please be easy on me as I'm not technical at all.

    Thanks in advance for your time and your responses.
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,449
    Rep Power
    4539
    It sounds to me like you could just remove the IUSR_computername from the permissions to the folder(s) and add the user groups you want.

    Then, when IIS runs across these folders it will prompt the user for authentication.

    You may need to enable plain text authentication if you're supporting browsers other than IE
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2004
    Posts
    3
    Rep Power
    0
    Originally Posted by Doug G
    It sounds to me like you could just remove the IUSR_computername from the permissions to the folder(s) and add the user groups you want.

    Then, when IIS runs across these folders it will prompt the user for authentication.

    You may need to enable plain text authentication if you're supporting browsers other than IE
    Doug, thanks for the quick reply.

    In my current configuration it already prompts the would-be viewer for a password. My goal is to make it so that those who don't have access to the link/folder don't see the link folder in the navigation or on the search results page.
  6. #4
  7. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,449
    Rep Power
    4539
    If the search is done from within your application, I don't know any way to control it's results.

    If you are making your own search, yes, you could use asp to filter out the results depending on the user that's logged in. Search for I think ADSI to find out details how to use asp to get the user.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2004
    Posts
    3
    Rep Power
    0
    Originally Posted by Doug G
    If the search is done from within your application, I don't know any way to control it's results.

    If you are making your own search, yes, you could use asp to filter out the results depending on the user that's logged in. Search for I think ADSI to find out details how to use asp to get the user.
    Doug, the intranet publishing application is leveraging the IIS Indexer and thus is only rendering an HTML search template. IIS is handling 100% of the search process.

    also, I believe that we have permissions/groups in Active Directory or LDAP (thrying to confirm as we speak) could we leverage either of these sources. If so, is this difficult, or?
    Last edited by Arturman; March 19th, 2004 at 09:39 AM.
  10. #6
  11. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,449
    Rep Power
    4539
    I'm not familiar with manipulating the windows index service, sorry.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester

IMN logo majestic logo threadwatch logo seochat tools logo