NTFS Security Permissions

Results 1 to 2 of 2

Thread: NTFS Security Permissions

  1. #1
    Join Date
    Dec 1969

    Default NTFS Security Permissions

    In order to serve the web do you have to have “everyone” added to the NTFS permissions of your web folders? Is there a way to delete the “everyone” account and only add the bare minimum that is required to serve the web?<BR><BR>You see, when "everyone" is giving NTFS permission to a folder, anyone who logs into the server can view the scripts in the web folder as long as they have an account. Of course IIS won&#039;t let web users see these scripts, but how do you both server the web, and keep certain employees within your company from being able to see the folder containing the scripts?

  2. #2
    Join Date
    Dec 1969

    Default RE: NTFS Security Permissions

    Sure! - but make sure to completely test it before implementing it on a production server. Test a single directory before going wild before going wild with it.<BR><BR>Incorrect NTFS permissions is the quickest way to hose up a website and will keep you busy hours troubleshooting why your ASP&#039;s don&#039;t work.<BR><BR>IIS allows can use any user account for anonymous access, it just defaults to the IUSER_MACHINENAME account. You can change it to another account under the MMC Directory Security tab Anonymous Access section.<BR><BR>Remove the NTFS permissions for Everyone on the specific directory and add the account you want. Now only users coming in through IIS (using your specified account) will be able to read the file, and only through IIS.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts