Started a new IE instance each time. The folder has NTFS permissions to read. On further investigation, it appears that it is a symptom of SSL. Allowing unsecured (but authentication controlled as desired originall) access to the resource works perfectly. Switch on SSL, and IIS seems to ignore the subdirectory permissions. Hrm. Rob On Thu, 19 Oct 2006 12:30:55 +1000 "Ken Schaefer" <Ken at adOpenStatic.com> wrote: > What did you set for the NTFS file permissions? > > Did you access a restricted file/folder prior to >browsing to the anonymous > file? > > THanks > > Cheers > Ken > > -- > My Blog: www.adOpenStatic.com/cs/blogs/ken > > > : -----Original Message----- > : From: thelist-bounces at lists.evolt.org [mailto:thelist- > : bounces at lists.evolt.org] On Behalf Of Robert Gormley > : Sent: Thursday, 19 October 2006 12:02 PM > : To: thelist at lists.evolt.org > : Subject: [thelist] IIS Directory Security Inheritance > : > : Hi all, > : > : Using IIS6, I have a web site that has >authenticated-only > : access (Basic) enabled. I want to make one directory > : authentication-free. No problem, think I - I set it's > : directory permissions in IIS Manager to enable >Anonymous, > : disable Basic, and do the same for file permissions on >the > : two files within. > : > : No dice. I still get prompted when browing to > : https://site/blah/ > : > : Seems logical, and indeed if I "test" by trying to >turn > : off auth at the site level, it tells me that "blah", > : "blah/file.html" have different permissions, do I > : override, so it definitely seems right, but it's > : definitely picking up site permissions and using them. > : > : Am I missing something, or do I need to make the site > : anonymous, and all the root dirs/files authenticated? > > -- > > * * Please support the community that supports you. * * > http://evolt.org/help_support_evolt/ > >For unsubscribe and other options, including the Tip >Harvester > and archives of thelist go to: http://lists.evolt.org > Workers of the Web, evolt !