Users Prompted for Authentication When No NTFS Restrictions Apply (229781)
The information in this article applies to:
- Microsoft Internet Information Server 1.0
- Microsoft Internet Information Server 2.0
- Microsoft Internet Information Server 3.0
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
This article was previously published under Q229781 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: SYMPTOMS
When you attempt to browse a Web resource that has no NTFS file-level restrictions applied (for example, the Everyone group is granted full control rights), you may be prompted for a username and password.
CAUSE
You will be prompted for a username and password when you attempt to browse a Web resource that has no NTFS file-level restrictions applied when there are share-level restrictions.
When you attempt to access a remote Windows NT resource, most restrictive permissions apply. Therefore, even though the Everyone group may have full control at the NTFS file level, share permissions must still be negotiated. For example, if the \Inetpub\Wwwroot directory is shared and only administrators are granted access at the share level, only the administrators group will be able to access the Wwwroot directory of the Web server through a browser on a remote client.
RESOLUTION
To resolve this problem, set share-level permissions the appropriate level for the directory that the IIS virtual directory maps to.
| Modification Type: | Minor | Last Reviewed: | 6/23/2005 |
|---|
| Keywords: | kbprb KB229781 |
|---|
|