|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
May 12th, 2004, 08:41 AM
|
|||
|
|||
How to enable Anonymous Access in IIS 6
What are the account requirements for aspx pages to be accessed anonymously on Windows 2003 server?.
When I view my aspx page in a browser locally or remotely I always get prompted for user and password. When I provide credentials for user in the admin group the page displays correctly. I do not get prompted when viewing .htm files. I would like to make the aspx pages available anonymously. Here are my settings: NTFS Directory Security: Administrators - Full Control ASP.NET Machine Account - Read & Execute, List, Read Internet Guest Account - Read & Execute, List, Read System - Full Control Virtual Directory Tab: Read - checked Execute permissions - Scripts only Authentication and access control: Enable anonymous access - checked User name: IUSR_COMPUTER_NAME Basic Authentication - Not checked Thank you in advance.
|
|
#2
May 12th, 2004, 02:07 PM
|
||||
|
||||
|
Not sure, but you need to make sure that the Internet Guest Account can read the file needed for ASPX pages, which is probably located here:
C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll (that may be different depending on your version etc.)
|
|
#3
May 12th, 2004, 03:57 PM
|
|||
|
|||
|
Thank you, EdwinBrains.
You are right, giving the Internet Guest Account read rights to the aspnet_isapi.dll file resolved the problem. Questions: What group(s) should the Internet Guest Account be in? By default that account is only a member of the Guest group. What users/groups should have access to the aspnet_isapi.dll file. I checked other 2k3 boxes and the following users/groups are listed in the Security settings for the aspnet_isapi.dll file. Administrators ASP.NET Machine Account IIS_WPG Local Service Network Service Power Users System Users I know that giving read rights to the IUSR_Machine_Name for the aspnet_isapi.dll file would solve the problem, however, I am trying to figure out the correct way the server should be setup. I must have done something wrong to cause this in the first place as I don't hear anybody else complain about this.
|
|
#4
May 12th, 2004, 04:01 PM
|
||||
|
||||
|
Well I'm not entirely sure, but you want to give the least amount of permissions as possible to make it as secure as possible.
I don't think you want to add the Internet Guest Account to any other groups though, to reduce the chance of hackers breaking into your web server. I think Doug G will give you more info about which groups should have access.
|
|
#5
May 12th, 2004, 08:30 PM
|
|||
|
|||
|
I don't ever add IUSR_whatever to any additional groups, but then again I only work on small systems.
__________________
====== Doug G ====== "Hide, hide witch! The good folk come to burn thee. Their keen enjoyment hid behind their gothic mask of duty." -Mark Clifton
|
|
#6
March 11th, 2005, 02:53 PM
|
|||
|
|||
|
Enabling anonymous access on IIS 6.0
Quote:
I gave the anonymous account (IUSR_MachineName) read access to the abovementioned DLL but still didn't work. The way I "solved" this problem was activating sub-authentication in IIS 6.0 (which poses a security threat), IIS 5.0 uses sub-authentication by default when you enable anonymous access but IIS 6.0 does not. For details on how to do this, please refer to http://support.microsoft.com/default.aspx?scid=kb;en-us;332167 Hope this can be of assistance, even though you solved your problem already.
|
|
| Viewing: Dev Shed Forums > System Administration > IIS > How to enable Anonymous Access in IIS 6 |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
