Home | Troubleshooting |  Quick Setup  |  Cisco How to  |  Data Recovery  |  Forums   | Blog | IT Exam Practice | Services  | About Us | Chicagotech MVP  | Search  | Contact Us  |                 

 

 

 How to Configuring Security Settings for the Virtual Server

To configure the new virtual server to use basic authentication
1. In Internet Information Services, right-click the Web site you just created, and then click Properties.
2. On the Directory Security tab, under Authentication and Access Control, click Edit.
3. Select the Enable anonymous access check box.
4. In the User name box for the anonymous user, type a domain user account to use for anonymous access.
Note that because you are allowing access across computers, the default anonymous account (which is specific to each server) will not work. You must use a domain account for anonymous access.
5. In the Password box, type the password that corresponds to the user account.
6. In the Authenticated Access section, clear the Integrated Windows authentication check box, and select the Basic authentication (password is sent in clear text) check box.
7. Click Yes to verify that you want to enable Basic authentication, and then click OK.
8. Type the password again to confirm it, and then click OK.
9. Click OK again to close the Properties dialog box.

To determine the IIS instance number for a virtual server
1. In Internet Information Services, right-click the Web site you just created, and then click Properties.
2. On the Web site tab, in the Enable logging section, click Properties.
At the bottom of the screen, under the Log file name box, is an example string, such as W3SVC605785804\exyymmdd.log. The numbers between W3SVC and \exyymmdd.log are the instance number. In this example, the instance number is 605785804. Write down this instance number so you can use it when you modify the registry for this virtual server.
To modify the registry to enable group accounts
1. Click Start, point to Run, type regedit, and then click OK.
2. Navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\Web Server Extensions\All Ports\
Note On x64-based computers, the registry key is HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Shared Tools\Web Server Extensions\All Ports\
3. On the Edit menu, click New, and then click String value.
4. Type anonusergroupprefix as the new value name.
5. Right-click the new value and then click Modify.
6. Type a prefix for the group name in the format DOMAIN\prefix, and then click OK.

To modify the registry to specify a different group account for the virtual server
1. Navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\Web Server Extensions\ Ports\
Note On x64-based computers, the registry key is HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Shared Tools\Web Server Extensions\Ports\
2. On the Edit menu, click New, and then click Key.
3. Replace New Key #1 with Port instance number;.
The instance number is the IIS instance number you looked up previously. This must be in the format Port /LM/W3SVC/1;, so using the example above, it would be: Port /LM/W3SVC/605785804;.
4. On the Edit menu, click New, and then click String value.
5. Type anonusergroup as the new value name.
6. Right-click the new value and then click Modify.
7. Type the domain group name to use (either DOMAIN\prefix_IISinstancenumber or DOMAIN\groupname).
8. Click OK.

To change the UNC share permissions on the file server
1. Right-click the shared folder, and click Properties.
On the Sharing tab, click Permissions.
2. Select Everyone, and then click Remove.
3. Click Add.
4. Type the domain group name you specified in the previous steps, and then click OK.
5. Under Permissions for group name, select Full Control, and then click OK.
6. Click Add.
7. Type Administrators, and then click OK.
8. Under Permissions for administrators, select Full Control, and then click OK.
9. Click Add.
10. Type the user name for the administrator of the Web server computer, and then click OK.
11. Under Permissions for <User Name>, select Full Control, and then click OK.
12. Click Add.
13. Click Object Types, and then in the Object Types box, select the Computers check box, and then click OK.
14. In the Enter the object names to select box, type the Web server computer name, followed by a dollar sign ($) and then click OK.
15. Select Full Control, and then click OK.
16. Click OK again to close the Properties dialog box.

Post your questions, comments, feedbacks and suggestions

Contact a consultant

Related Topics

Connecting SharePoint to UNC Network Shares
 

 


 
 

Hit Counter   This web is provided "AS IS" with no warranties.
Copyright © 2002-2018 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.