I have a website and FTP Site both on the same box running the IIS 5. The FTP
Site is setup for vendor use while the IIS is setup for sales reports for our
external sales force. the problem I am having is the vendors are able to
access the website setup for the sales ppl. the dir sec on the web is using
basic and intergrated. how can i set this up so the vendors do not have
access to the website?
Change NTFS permissions on the files/folders in question. Remove Everyone
and add in the specific groups/users that should be allowed access.
Basic/IWA determine the authentication mechanism that the client uses to get
the credentials across to IIS. But as you can see, everyone can access the
files (provided they authenticate). To restrict access is the next step:
authorization. You control who is authorized to access the files by setting
NTFS permissions.
Cheers
Ken
"Steven"
news:4073CD0B-327D-44CC-B84D-609382608076@microsoft.com...
:I have a website and FTP Site both on the same box running the IIS 5. The
FTP
: Site is setup for vendor use while the IIS is setup for sales reports for
our
: external sales force. the problem I am having is the vendors are able to
: access the website setup for the sales ppl. the dir sec on the web is
using
: basic and intergrated. how can i set this up so the vendors do not have
: access to the website?