[thelist] IIS Directory Security Inheritance
Robert Gormley
robert at pennyonthesidewalk.com
Thu Oct 19 08:09:47 CDT 2006
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org
> [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Ken Schaefer
> Sent: Thursday, 19 October 2006 10:06 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] IIS Directory Security Inheritance
>
> : -----Original Message-----
> : From: thelist-bounces at lists.evolt.org [mailto:thelist-
> : bounces at lists.evolt.org] On Behalf Of Robert Gormley
> : Sent: Thursday, 19 October 2006 1:51 PM
> : To: thelist at lists.evolt.org
> : Subject: Re: [thelist] IIS Directory Security Inheritance
> :
> : Started a new IE instance each time.
>
> That's not what I asked. Is the unsecured page the first page
> that you visit in your session, or have you already visited a
> page that requires username/password?
First page. New session, browse immediately to intended target - so yes
> : The folder has NTFS permissions to read.
>
> ?!? NTFS permissions for /which/ user or group?
Sorry - was writing from an webmail client which loses in progress mails
after five minutes (fantastic huh?)
IUSR_Machine (or the anonymous account) should have 'standard'
permissions - nothing is inherited out of the ordinary (will check
tomorrow when at work) - when all authentication requirements are
removed, page and objects display correctly.
> : On further investigation, it appears that it is a symptom
> : of SSL. Allowing unsecured (but authentication controlled as
> : desired originall) access to the resource works perfectly.
> : Switch on SSL, and IIS seems to ignore the subdirectory
> : permissions.
>
> I strongly doubt this has anything to do with it.
>
> Can you post the relevant IIS logfile entries as well?
Will do. It's quite confounding. And also, guiltily, I should mention:
root of website is the root of a .net 1.1 application.
sharepoint services are also running on box.
Cheers,
Rob
More information about the thelist
mailing list