HOW TO: Use NTFS Security to Protect a Web Page Running on IIS in Windows Server 2003 (325357)


The information in this article applies to:

  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, 64-Bit Datacenter Edition
  • Microsoft Windows Server 2003, 64-Bit Enterprise Edition
  • Microsoft Active Server Pages
  • Microsoft Internet Information Services version 6.0
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
This article was previously published under Q325357
For a Microsoft Windows 2000 version of this article, see 299970.

IN THIS TASK

SUMMARY

This is a step-by-step guide to using Windows NTFS file system security to protect Web pages that are running on Microsoft Internet Information Services (IIS).

NOTE: This article does not outline the best practices for using Microsoft FrontPage and the Microsoft FrontPage Server Extensions. back to the top

Requirements

To protect your Web page or pages, you need the following:
  • A Web site that is already created and running on Internet Information Services on an NTFS drive partition.
  • Administrative access to the server.
  • Domain Users and groups to whom you will grant access.
back to the top

Check the File System Type

  1. Start Windows Explorer.
  2. Right-click the drive that contains the Web content that you want to protect, and then click Properties.
  3. On the General tab, verify that the file system is NTFS.NOTE: If the file system is FAT, you have to convert the file system to NTFS.

back to the top

Protect the Page

  1. Move the page or pages that you want to protect into a separate folder, and make sure that you update hyperlinks if they have to be updated. To move the pages, follow these steps:
    1. Right-click Start, and then click Windows Explorer.
    2. Locate the folder that contains your Web content.
    3. Select the top-level folder of your Web content. On the File menu, point to New and then click Folder.
    4. Give the folder a name, and then press ENTER.
    5. Hold down CTRL and select each of the pages that you want to protect.
    6. Right-click the pages, and then click Copy.
    7. Right-click the new folder, and then click Paste.NOTE: If you have hyperlinks to these pages, you have to update them to reflect the new location.

  2. In Windows Explorer, click the content folder that contains the page or pages that you want to protect.
  3. Right-click the folder, click Properties, and then click the Security tab.
  4. In the top pane, click Everyone, and then click Remove.

    WARNING: Do not remove SYSTEM group.
  5. Click Add.
  6. Type the names of the users or groups to whom you want to grant access to the page.

    NOTE: These users and groups must already be part of the domain in which the Web server resides. If they are not, you must add them before do this step.
  7. Click OK.
  8. If you are prompted to choose from multiple instances of the name, choose the one or ones to which you want to add, and then click OK.
  9. In the top pane, select the user or group that you just added and then select the permissions that you want to grant in the bottom pane. Read and Execute permissions are generally enough, but in some cases you may want to grant Write or Full Control permissions.
  10. Click OK.
back to the top
Modification Type:MinorLast Reviewed:3/27/2006
Keywords:kbWebServices kbAppServices kbHOWTOmaster KB325357 kbAudDeveloper kbAudITPro
©2004 Microsoft Corporation. All rights reserved.