Disable "allow anonymous authentication" using the IIS MMC Snapin for the
folder in question (it's on the Security tab). Enable Basic and/or
Integrated Windows Authentication.

Then, set the NTFS permissions for that folder as required.

Cheers
Ken

----- Original Message -----
From: "Henry David Christopherson" <dng (at) cmhsweb (dot) org [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Thursday, November 20, 2003 8:44 AM
Subject: iis - authenticate thru domain username/password

: I have an IIS server. Can I make a certain
: folder only accessible if they login with their
: domain username/password?
:
: Just like in apache, wherein you can have .htpasswd
:
: Whenever someone will access that web directory or
: any directory under that, it will ask for username/password.
:
: Is this possible?
:
:
: ------------------------------------------------------------------------
--
-
: ------------------------------------------------------------------------
--
-
:
:

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

[ reply ]