Microsoft KB Archive/299970

From BetaArchive Wiki

Article ID: 299970

Article Last Modified on 11/22/2005


APPLIES TO

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Service Pack 1
  • Microsoft Windows 2000 Service Pack 2
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT version 4.0 Option Pack
  • Microsoft Small Business Server 2000 Standard Edition
  • Microsoft eMbedded Visual C++ 4.0
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0


This article was previously published under Q299970

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx


IN THIS TASK

SUMMARY Requirements Check the File System Type Protect the Page

REFERENCES

SUMMARY

This is a step-by-step guide to using Windows NTFS permissions to protect Web pages that are running on Internet Information Server (IIS) version 4.0 or 5.0. To protect your pages, you put the pages in a separate folder and then apply permissions to that folder.

Note that this article does not outline the best practices for using FrontPage and the FrontPage Server Extensions. For more information about best practices using FrontPage and the FrontPage Server Extensions, click the following article number to view the article in the Microsoft Knowledge Base:

216705 How to set permissions on a FrontPage Web on IIS


back to the top

Requirements

To protect your page or pages, you need the following:

  • A Web site that is already created and running on Internet Information Server version 4.0 or 5.0 on an NTFS drive partition.
  • Administrative access to the server.
  • Users and groups to whom you wish to grant access access to the Web content.

back to the top

Check the File System Type

  1. On the server desktop, double-click the My Computer icon.
  2. Right-click the drive that contains the Web content that you want to protect, and then click Properties.
  3. On the General tab, make sure that the file system is NTFS.NOTE: If the file system is FAT, this solution will not work. If you want to convert the file system to NTFS, see the following Knowledge Base article:

    214579 How to use Convert.exe to convert a partition to the NTFS file system

back to the top

Protect the Page

For Windows 2000

  1. Move the page or pages that you want to protect into a separate folder, taking care to update your hyperlinks if necessary. To do this, follow these steps:
    1. Right-click Start and click Explore to open Windows Explorer.
    2. Browse to the folder that contains your Web content.
    3. Select the top-level folder of your Web content. On the File menu, point to New and then click Folder.
    4. Give the folder a name and press ENTER.
    5. Hold down CTRL and select each of the pages that you want to protect.
    6. Right-click the pages and click Copy.
    7. Right-click the new folder and click Paste.NOTE: If you have hyperlinks to these pages, you need to update them to reflect the new location.


  2. Right-click Start and click Explore to open Windows Explorer.
  3. Click the content folder that contains the page or pages that you want to protect.
  4. Right-click the folder, click Properties, and then click the Security tab.
  5. Remove the Everyone group from the list of names in the top pane.

    IMPORTANT: Do not remove SYSTEM or Administrator.
  6. Click Add.
  7. Type the names of the users or groups to whom you want to grant access to the page.
  8. Click OK. Note that these users and groups must already be part of the domain in which the Web server resides. If they are not, you must add them before you proceed.
  9. If you are prompted to choose from multiple instances of the name, choose the one or ones to which you want to grant access. Click OK.
  10. In the top pane, select the user or group that you just added and then select the permissions that you want to grant in the bottom pane. Generally Read and Execute permissions are sufficient, but in some cases you may wish to grant Write or Full Control permissions.
  11. Click OK.

back to the top

For Windows NT 4.0

  1. Move the page or pages that you want to protect into a separate folder, taking care to update your hyperlinks if necessary. To do this, follow these steps:
    1. Right-click Start and click Explore to open Windows Explorer.
    2. Browse to the folder that contains your Web content.
    3. Select the top-level folder of your Web content. On the File menu, point to New and then click Folder.
    4. Give the folder a name and press ENTER.
    5. Hold down the CTRL key and select each of the pages that you want to protect.
    6. Right-click the pages and click Copy.
    7. Right-click the new folder and click Paste.NOTE: If you have hyperlinks to these pages, you need to update them to reflect the new location.


  2. Right-click Start and click Explore to open Windows Explorer.
  3. Click the content folder that contains the page or pages that you want to protect.
  4. Right-click the folder, click Properties, and then click the Security tab.
  5. Click Permissions and select Replace Permissions on Existing File.
  6. Remove the Everyone group from the list of names in the top pane.

    IMPORTANT: Do not remove SYSTEM or Administrator.
  7. Click Add and type the names of the users or groups to whom you want to grant access to the page.
  8. Click OK. Note that these users and groups must already be part of the domain in which the Web server resides. If they are not, you must add them before you proceed.
  9. If you are prompted to choose from multiple instances of the name, choose the one or ones to which you want to grant access. Click OK.
  10. On the Type of Access list, select the appropriate permissions. Generally Read and Execute are sufficient, but in some cases you may wish to grant Write or Full Control.
  11. Click OK.

back to the top


REFERENCES

For more information about NTFS permissions, see the following Knowledge Base article:

187506 Required NTFS permissions and user rights for IIS 4.0


For general information about permissions in Windows NT and Windows 2000, see the following Knowledge Base articles:

148437 Default NTFS permissions in Windows NT


271071 How to set required NTFS permissions and user rights for an IIS 5.0 Web server


266118 How to restore the default NTFS permissions for Windows 2000




back to the top

Keywords: kbhowtomaster KB299970



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/299970&oldid=164266
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki