Incorrect NTFS Permissions When Reducing Account to Browse (225202)
The information in this article applies to:
- Microsoft FrontPage 98 for Windows
This article was previously published under Q225202 SYMPTOMS
When you modify a user's permissions in FrontPage Explorer, the user's
NTFS permissions do not change on that Web's content.
CAUSE
The FrontPage Server Extensions do not properly reduce permissions on the
Web folders and content when the lower-level permission is applied.
WORKAROUND
To work around the problem, remove the account and add it back with Browse
permissions. To do this, use the following steps: - Open the Web in FrontPage Explorer.
- From the Tools menu, click Permissions.
- In the Permissions dialog box, click the account that needs to be
reduced to Browse permissions, click Remove, and then click
Apply.
- To add the account back with Browse permissions, click
Add, click the appropriate domain or server in the Obtain List
From: box, click the account in the Names: box, and then click
Add.
- In the Users Can section, make sure the radio button for
Browse this web is selected.
- Click OK, click Apply, and then click
OK.
- After you add the account back to the Web with Browse
permissions, the NTFS permissions on the folders and content will be set
to correctly Read and Execute and Read respectively.
After you set the account to Browse, another alternative is to use the
FrontPage Server Administrator to Check and Fix the Web and tighten
permissions using the following steps: - On the Web Server, use Windows Explorer to navigate to c:\program
files\microsoft frontpage\.
- Double-click FrontPage Server Administrator.
- In the Select server or port box, click the virtual server
where permissions need to be tightened.
- Click the Check and Fix button.
- When asked, "Do you want FrontPage to tighten security as much
as possible for all FrontPage webs?", click Yes.
- After you tighten security, the NTFS permissions on the folders
and content for the account will be set correctly to Read and Execute and
Read respectively.
MORE INFORMATION
When you demote an account in FrontPage from Administer or Author
permissions down to Browse permissions on an IIS Web server using NTFS,
the account's NTFS permissions on the folders and content remain as
Read/Write/Execute/Delete (RWXD) for folders, and Read/Write/Delete (RWD)
for files, respectively.
The NTFS permissions should be reduced to Read (R) for folders, and
Read/Execute (RX) for files.
FrontPage reduces the permission on the Admin.dll and Author.dll files
correctly, therefore if the account is reduced to Browse, it will not be
able to open the Web in FrontPage for editing. You will still be able to
access the content through Windows Explorer for editing, if the content is
in a shared location.
Modification Type: | Minor | Last Reviewed: | 8/9/2004 |
---|
Keywords: | kbdownload kbprb KB225202 |
---|
|