[thelist] IIS Directory Security Inheritance

Robert Gormley robert at pennyonthesidewalk.com
Wed Oct 18 21:01:55 CDT 2006


Hi all,

Using IIS6, I have a web site that has authenticated-only 
access (Basic) enabled. I want to make one directory 
authentication-free. No problem, think I - I set it's 
directory permissions in IIS Manager to enable Anonymous, 
disable Basic, and do the same for file permissions on the 
two files within.

No dice. I still get prompted when browing to 
https://site/blah/

Seems logical, and indeed if I "test" by trying to turn 
off auth at the site level, it tells me that "blah", 
"blah/file.html" have different permissions, do I 
override, so it definitely seems right, but it's 
definitely picking up site permissions and using them.

Am I missing something, or do I need to make the site 
anonymous, and all the root dirs/files authenticated?

Rob



More information about the thelist mailing list