How to drop NT-challenge credentials?

[Tom Kelleher]

Folks,

On one of my client's sites, we set up a subdirectory off the
app's root directory that doesn't allow the Anonymous IUSR_
account in. When we (the system admins) follow a link to
that directory, it presents the standard NT Challenge login
screen. We need to know proper Windows credentials to get
in -- and once we do, we have access to higher-order functions
(to change the read/write bit on files, to delete files,
etc. through the web interface). All that works fine.

Question: Having completed such a task, it seems safer
to then *drop back* to the security context of the Anonymous
user. I'm leary about navigating the rest of the app with
heightened security clearance, when it's not needed.

Is there a way to do this?

- Tom

 

[Tom Kaminski [MVP]]

Folks,

On one of my client's sites, we set up a subdirectory off the
app's root directory that doesn't allow the Anonymous IUSR_
account in. When we (the system admins) follow a link to
that directory, it presents the standard NT Challenge login
screen. We need to know proper Windows credentials to get
in -- and once we do, we have access to higher-order functions
(to change the read/write bit on files, to delete files,
etc. through the web interface). All that works fine.

Question: Having completed such a task, it seems safer
to then *drop back* to the security context of the Anonymous
user. I'm leary about navigating the rest of the app with
heightened security clearance, when it's not needed.

Is there a way to do this?

Close the browser or ...
http://support.microsoft.com/?kbid=195192

--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserver2003/community/centers/iis/
http://mvp.support.microsoft.com/
http://www.iisfaq.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://www.tryiis.com

 

[Tom]

Tom,
Thanks very much! I was hoping there would be some way native to ASP or VBscript, but I'll take what I can get.

- Tom