Applying Security Using IIS 4.0 & NT Personal Web Server || |
Internet Information Server 4.0 & NT Personal Web Server
use the native
security features of the NTFS file system and Windows NT user
administration to provide security for web pages. In order to password
protect ProblemTracker on any of these web servers you must install it
on an NTFS file system.
The following instructions assume a workgroup named ptdev is installed.
For your workgroup, substitute your workgroup name for "ptdev" in
the steps below.
- Enable Authentication
- Start the Internet Service Manager
Start->Programs->Windows NT 4.0 Option Pack->Microsoft Personal Web Server->Internet Service Manager
Start->Programs->Windows NT 4.0 Option Pack->Microsoft Internet Information Server->Internet Service Manager
- Select Default Web Site or a Web Site of your choice
- Double click on the content directory folder (ptdev) in the left window pane.
The files included in the ptdev folders are displayed in the right window pane.
- For each file or folder that you would like to password protect,
repeat the following steps:
- Right click on the file or directory. A pull down menu appears. Select Properties.
- Select the File Security (or Directory Security) tab.
- Press the Edit... button in the Anonymous Access and Authentication Control.
- Unselect Allow Anonymous Access.
- Select Basic Authentication. A warning dialog box will pop up. Press Yes.
Press the Edit... button for Basic Authentication.
- An input dialog for Basic Authentication Domain will pop up. Select the appropriate
domain for your Web Server. In most cases it should be the local domain. If so, select
Use Default and press OK.
- Press OK in the Authentication Method dialog box.
- Press Apply and then OK in the Properties dialog box.
- Set File Security on Windows NT
- Start the Windows NT Explorer
- Select the directory where ProblemTracker is installed, e.g.
- In the right pane of the Explorer, select the directory
or file(s) you would like to limit access to.
You can select multiple items by holding down the Control key
as you click on files.
- With the files highlighted, select the "File->Properties" menu, click on the
Security tab of the dialog, and press the Permissions button.
- The File Permissions dialog is displayed. By default it has
the value "PUSR4 Modify" where is the TCP/IP name of
the machine where ProblemTracker is installed. Delete this row, and any
others that grant access to anyone you do not wish to have access to
the selected directory or files. If you do not wish for an individual
to see a web page, make sure the user does not have Read (R)
permissions for the file or directory.
- Press the Add... button to display the Add Users and Groups dialog.
Under "List Names From:" select your Windows NT domain and click
on the Show Users button. Now add any particular user you would
like to give access to the select directory or files by selecting
their name, pressing the "Add" button, selecting the access type,
and pressing OK. Repeat this process for any other users.
- Back on the File Permissions dialog, press the Add... button to
display the Add Users and Groups dialog. Under "List Names From:"
select your machine (\\HostName*, where HostName is the name of
your machine), and click on the Show Users button. Now add any
users you defined earlier (e.g. ptadmin) by selecting the name,
pressing the "Add" button, selecting the appropriate
access and pressing OK.
- Press the OK button, and the OK button again.
- Refer to the
in the Web Server Security Overview section to determine which
content directories and program files
you would like to protect based upon function. Then repeat the
process described here for each.