Discussion:
IIS的Web權限設定形同虛設??
(时间太久无法回复)
果汁學長
2005-08-16 08:59:05 UTC
Permalink
小弟在IIS下, 將某個虛擬目錄的 "目錄安全設定" 設定如下

匿名存取及驗證控制: 取消匿名存取, 再配合 整合的Windows驗證
IP位址及網域名稱限制: 授予存取權

文件的設定為 啟用預設文件(假設預設為index.aspx好了)

在檔案總管裡,我將Everyone拿掉,只允許Domain Users讀取 (無修改及寫入權限)

結果發現一個重大問題...

如果我直接在網址上打 http://www.abc.com.tw/DOC/index.aspx
雖然會出現要求登入網域的畫面
但我直接空白,然後按確定
還是可以過, 而且還會看到 index.aspx 的畫面..

請問我該如何設定才能要求User一定要登入網域才可以存取畫面、程式?
比如說IIS設定,或檔案總管中的設定??

麻煩各位大大了..拜託拜託...

事關公司的系統安全啊~~
Eric Tsai - œ²©v¿«
2005-08-16 21:38:00 UTC
Permalink
À³žÓ€£ŠÜ©óžõ¥X¹ïžÜ®ØµM«ášS¥ŽÁÙ·|¹L¡A
ŠpªG¬O¥Î€wµn€Jªº±bž¹±KœX°µÅçÃÒ¡A
¯à¹LŽNªœ±µ¹L€F¡C
«Øij¥i¥H§ï¥Î°ò¥»ÅçÃÒžÕžÕ¡C
€p§ÌŠbIIS€U, ±N¬Y­ÓµêÀÀ¥Ø¿ýªº "¥Ø¿ýŠw¥þ³]©w" ³]©wŠp€U
°ÎŠWŠsšú€ÎÅçÃÒ±±šî: šú®ø°ÎŠWŠsšú, ŠA°tŠX ŸãŠXªºWindowsÅçÃÒ
IPŠì§}€Îºô°ìŠWºÙ­­šî: ±Â€©ŠsšúÅv
€å¥óªº³]©w¬° ±Ò¥Î¹w³]€å¥ó(°²³]¹w³]¬°index.aspxŠn€F)
ŠbÀÉ®×Á`ºÞžÌ,§Ú±NEveryone®³±Œ,¥u€¹³\Domain UsersŪšú (µL­×§ï€ÎŒg€JÅv­­)
ŠpªG§Úªœ±µŠbºô§}€W¥Ž http://www.abc.com.tw/DOC/index.aspx
ÁöµM·|¥X²{­nšDµn€Jºô°ìªºµe­±
Šý§Úªœ±µªÅ¥Õ,µM«á«öœT©w
ÁÙ¬O¥i¥H¹L, ŠÓ¥BÁÙ·|¬Ýšì index.aspx ªºµe­±..
€ñŠp»¡IIS³]©w,©ÎÀÉ®×Á`ºÞ€€ªº³]©w??
³Â·ÐŠUŠì€j€j€F..«ô°U«ô°U...
šÆÃö€œ¥qªºšt²ÎŠw¥þ°Ú~~
Bernard Cheah [MVP]
2005-08-22 07:00:25 UTC
Permalink
Need to look at the IIS log files. As per your requests, you can look at IIS
authentication + authorization. here's few kb links.
How To Use NTFS Security to Protect a Web Page Running on IIS 4.0 or 5.0
http://support.microsoft.com/?id=299970
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or
Windows NT 4.0
http://support.microsoft.com/?id=325358
How To Configure User and Group Access on an Intranet in Windows Server 2003
http://support.microsoft.com/?id=326214
How IIS authenticates browser clients
http://support.microsoft.com/?id=264921
--
Regards,
Bernard Cheah
http://www.microsoft.com/iis/
http://www.iiswebcastseries.com/
http://www.msmvps.com/bernard/
€p§ÌŠbIIS€U, ±N¬Y­ÓµêÀÀ¥Ø¿ýªº "¥Ø¿ýŠw¥þ³]©w" ³]©wŠp€U
°ÎŠWŠsšú€ÎÅçÃÒ±±šî: šú®ø°ÎŠWŠsšú, ŠA°tŠX ŸãŠXªºWindowsÅçÃÒ
IPŠì§}€Îºô°ìŠWºÙ­­šî: ±Â€©ŠsšúÅv
€å¥óªº³]©w¬° ±Ò¥Î¹w³]€å¥ó(°²³]¹w³]¬°index.aspxŠn€F)
ŠbÀÉ®×Á`ºÞžÌ,§Ú±NEveryone®³±Œ,¥u€¹³\Domain UsersŪšú (µL­×§ï€ÎŒg€JÅv­­)
ŠpªG§Úªœ±µŠbºô§}€W¥Ž http://www.abc.com.tw/DOC/index.aspx
ÁöµM·|¥X²{­nšDµn€Jºô°ìªºµe­±
Šý§Úªœ±µªÅ¥Õ,µM«á«öœT©w
ÁÙ¬O¥i¥H¹L, ŠÓ¥BÁÙ·|¬Ýšì index.aspx ªºµe­±..
€ñŠp»¡IIS³]©w,©ÎÀÉ®×Á`ºÞ€€ªº³]©w??
³Â·ÐŠUŠì€j€j€F..«ô°U«ô°U...
šÆÃö€œ¥qªºšt²ÎŠw¥þ°Ú~~
继续阅读narkive:
Loading...