IIS 7 and Above
Help setting permissions for IIs site access for domain groups
Last post Mar 04, 2020 03:25 AM by Jalpa Panchal
Mar 03, 2020 10:02 PM|acenyc|LINK
I have a test network that I am using for my certifications. I have a domain controller and a member server with IIS configured connected to the domain. The IIs version is 8.5 9600. I have two IIS sites configured in IIS. One site is called intranet and
the other site is called finance. I have tried to configure the finance site so only members of the finance group can access the finance IIS site.
If a user that is not in the finance group opens the shortcut that deploys the intranet site, and manually types the address of the finance site, they can access the finance site. I think my permissions are not configured properly. I just began learning
IIS and I am seeking assistance troubleshooting this problem. Any help would be appreciated.
I wanted to add screenshots of my configuration but I don't know how to add them on this forum.
Mar 04, 2020 03:25 AM|Jalpa Panchal|LINK
You could restrict ad users by adding below rule in web.config file:
<?xml version="1.0" encoding="UTF-8"?>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" roles="myDomain\myGroup01" />
<add accessType="Deny" roles="myDomain\myGroup02" />
<add accessType="Deny" users="*" />
make sure you set authentication in iis:
Enable: Windows Authentication
Disable: Anonymous Authentication
You could not attach the file in a post but you could paste your config code in a post.