X
xiaohang zhu
Hi all,
I create a aspnet web app for my company. I set it up on a win2000
server with IIS5 as a intranet app. For security, I want to restrict
the write permission only to a specified group. To do this, I tried to
set up this way. First, I set iis to use Integrated authentication,
anonymous access is disabled. Second, I modified machine.config. I
modified the <identity impersonate="true" />. I check that
<authentication mode="Windows" />. By set these two setting, I think
that's enough. To make things simple, I don't have any web.config
files. But things get really strange. I'm denied to access my pages,
it says I don't have permission to access. But I have added all domain
users to have access to these pages. The other strange thing is if I
add the aspnet account to the folder ACL, then everybody can access
pages. It seems that all the access is controled by the aspnet
account. But I do set the impersonate="true", why it still acting like
false.
Hope you understand what I'm talking about and give me some ideas.
Thanks
Jerry
I create a aspnet web app for my company. I set it up on a win2000
server with IIS5 as a intranet app. For security, I want to restrict
the write permission only to a specified group. To do this, I tried to
set up this way. First, I set iis to use Integrated authentication,
anonymous access is disabled. Second, I modified machine.config. I
modified the <identity impersonate="true" />. I check that
<authentication mode="Windows" />. By set these two setting, I think
that's enough. To make things simple, I don't have any web.config
files. But things get really strange. I'm denied to access my pages,
it says I don't have permission to access. But I have added all domain
users to have access to these pages. The other strange thing is if I
add the aspnet account to the folder ACL, then everybody can access
pages. It seems that all the access is controled by the aspnet
account. But I do set the impersonate="true", why it still acting like
false.
Hope you understand what I'm talking about and give me some ideas.
Thanks
Jerry