miku 0 Posted January 3, 2003 Hi Guys, I have installed IIS and there seems to be the following stupid problem. Suppose I have some files in C:\inetpub\wwwroot folder that i want to access using IP like http://IP/file Now each time I do this it ask me for my password and only when I enter my admin/password it lets me access the file. I want anonymous access to the sites. I hav enabled anonymous access in IIS config, but it keeps asking me for pass again and again. Please let me know how to configure this. Thanks Share this post Link to post
DS3Circuit 0 Posted January 4, 2003 Could be a couple of things ... 1. Have you changed the default permissions for your site in the ISM MMC snapin. By default, all non-administrative sites have read access to the IUSER account. 2. You check NTFS permissions in the folders/files so that the annonymous user account IUSER has appropriate access. Share this post Link to post
miku 0 Posted January 5, 2003 Thanks, What I did was added Everyone to access that wwroot folder with read only permission. But just to clarify something. I always thought that these permission were local to the machine and had nothing to do with remote access. What do you say? Share this post Link to post
DS3Circuit 0 Posted January 5, 2003 Nah not at all These are permissions for ANYONE who interacts with the file system. Including local, shared folders, published folders, ftp access ... and so on Share this post Link to post
Atreyu 0 Posted June 13, 2003 In addition to the appropriate NTFS permissions being granted to the anonymous account on the files in question, the anonymous account must have log-on locally privileges, set in the local group policy snap-in. On domain controllers this privilege is not granted to the IUSR account. Share this post Link to post
duhmez 0 Posted June 16, 2003 Logon locally rights doesnt sound right to me for web access on domain contorllers. If this is true then IIS web access will be denied for all users on domain controllers by default, which I don't believe is the default. Correct me if I'm wrong......... Share this post Link to post
clutch 1 Posted June 17, 2003 Quote: Logon locally rights doesnt sound right to me for web access on domain contorllers. If this is true then IIS web access will be denied for all users on domain controllers by default, which I don't believe is the default. Correct me if I'm wrong......... This is another reason why you shouldn't install IIS on a domain controller, as the IIS anonymous user account is typically added by default. Here's a screencap of my DC that has IIS on it (hardened with IISLockdown/URLScan): As you can see, there's an "IUSR_blah" account under logon on locally, and that is automatically created by default. This is another reason why FTP under IIS while on a DC doesn't work be default, because the users need logon locally rights in order to access the box. It would *seem* like logon from a network permissions would be enough, but they aren't. Share this post Link to post