[thelist] IIS Directory Security Inheritance

[Robert Gormley]

> -----Original Message-----
> From: thelist-bounces at lists.evolt.org 
> [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Ken Schaefer
> Sent: Thursday, 19 October 2006 10:06 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] IIS Directory Security Inheritance
> 
> : -----Original Message-----
> : From: thelist-bounces at lists.evolt.org [mailto:thelist-
> : bounces at lists.evolt.org] On Behalf Of Robert Gormley
> : Sent: Thursday, 19 October 2006 1:51 PM
> : To: thelist at lists.evolt.org
> : Subject: Re: [thelist] IIS Directory Security Inheritance
> : 
> : Started a new IE instance each time.
> 
> That's not what I asked. Is the unsecured page the first page 
> that you visit in your session, or have you already visited a 
> page that requires username/password?

First page. New session, browse immediately to intended target - so yes

> : The folder has NTFS permissions to read.
> 
> ?!? NTFS permissions for /which/ user or group?

Sorry - was writing from an webmail client which loses in progress mails
after five minutes (fantastic huh?)

IUSR_Machine (or the anonymous account) should have 'standard'
permissions - nothing is inherited out of the ordinary (will check
tomorrow when at work) - when all authentication requirements are
removed, page and objects display correctly.

> : On further investigation, it appears that it is a symptom
> : of SSL. Allowing unsecured (but authentication controlled as
> : desired originall) access to the resource works perfectly.
> : Switch on SSL, and IIS seems to ignore the subdirectory
> : permissions.
> 
> I strongly doubt this has anything to do with it.
> 
> Can you post the relevant IIS logfile entries as well?

Will do. It's quite confounding. And also, guiltily, I should mention:

root of website is the root of a .net 1.1 application.

sharepoint services are also running on box.

Cheers,
Rob