M
Mathew Uthup
We have a secure directory with an aspx page called Reports.aspx runnig on
Windows2000 server with service pack 4. This directory has access rights to
only a specific gg_support group.We have Disabled anonymous access to this
directory and only enabled windows integrated authentication on this page and
in this directory for this group gg_suupport
However none of the members of this group can access any aspx page in this
directory unless they belong to the admin group. We do not want to give admin
rights to all members of this group nor do we want to give anonymous access
to this directory. The web config file explicitly sets impersonate to false.
No matter what, we cannot get it to work. The only way we can get it to work
is to grant Anonymous access or to give admin rights to this Group. My
understanding based on the readings from MSDN is that if Impersonate is set
to false and Integrated Authentication is enabled by IIS. The aspx worker
thread should execute under the default aspx account for IIS. My question,
isn’t Default account the same as used by the anonymous account? How do I get
it to work with the desired security setting that we need?
Thanks Mathew
Windows2000 server with service pack 4. This directory has access rights to
only a specific gg_support group.We have Disabled anonymous access to this
directory and only enabled windows integrated authentication on this page and
in this directory for this group gg_suupport
However none of the members of this group can access any aspx page in this
directory unless they belong to the admin group. We do not want to give admin
rights to all members of this group nor do we want to give anonymous access
to this directory. The web config file explicitly sets impersonate to false.
No matter what, we cannot get it to work. The only way we can get it to work
is to grant Anonymous access or to give admin rights to this Group. My
understanding based on the readings from MSDN is that if Impersonate is set
to false and Integrated Authentication is enabled by IIS. The aspx worker
thread should execute under the default aspx account for IIS. My question,
isn’t Default account the same as used by the anonymous account? How do I get
it to work with the desired security setting that we need?
Thanks Mathew