Symbolic links are not accessible from IIS FTP - iis

I want to share files and folders kept in NAS drive through IIS FTP server.
User is able to see all files including my symbolic link of folder which is on NAS drive but when user try to access he/she gets error "username or password incorrect".
How do I make NAS drive files available through my IIS FTP server.

Make sure you have assigned the iis_iusrs and iusr permission to the shared folder. check FTP authentication basic is disabled and anonymous is enabled:
add authorization allow rule for the user:
at the time of connection enter the username: testdomain/administrator and password correctly.

Related

Do I have to secure requests already secured by permissions?

I have a admin website where every url requires some level of permissions. One of these urls is for deleting user's folder via SSH (different machine). Admin with required rights for this url has also access to all informations about every user (except gdpr restricted). Basically, its kind of superadmin. This admin POSTs username which is part of path used in ssh shell cmd(vulnerability). My colleague recently pointed out that permission is not enough and input should be secured (f.e. regexp) as well even for admin. Is that really necessary? Should we count with scenario where admin (with rights to delete all user's folders) wants to hack virtual machine?

User has full access to directory, gets 401.1

Can someone explain what causes this to happen? I am logged into a web server with UserA. UserA has full access to a directory where files are hosted in IIS. When I browse an .asmx file in the directory UserA has full access to using IIS, I get a password prompt. I input my credentials in, and no matter how many times I try, I get a 401.1 access denied. The only type of authentication being used on this site is Windows authentication.
I just fail to understand why a user with full access to the files is denied access to them by IIS. Can someone please explain what is happening here?
This is IIS 7.5. Windows Server 2008

RHEL- Limited root access

I need to allow certain users limited access to the lab server. The server is RHEL 5.6. However, I don't want to give them the root access. Basically, we have configured a LDAP server where all the users have centralized NFS and LDAP login from any of the client machines in the network. So, the LDAP users home area is located in /home/users in the server. I need to give access to only this folder to a certain user.
If I edit the visudo file and add the following line in the RHEL server, will I be able to accomplish what am looking for?
user1, %operator ALL= /home/users
When you are authenicating users with ldap and nfs mounted share, as such users of ldap or without ldap would be restricted to work in their home directory only.
Thanks & Regards,
Alok Thaker
Basically, as you giving all users access as users not as root hence all users will not have root access either using local authentication or remote authentication. I hope the users don't know your root password. :)
SUDO is used only when you want to give some users privilege to run the command as root like a normal user will not be able to do the command "service network restart" but if you allow the user have sudo privileges, he will be able to do it.

II7 prompt for username/password for virtual directory

I have a virtual directory setup on my server. The main website is public on port 80 but I have a /subfolder virtual directory that I want to ask for a username and password (not a ASP page, standard username password prompt).
Any ideas?
You can set the permissions on each directory separately, so you can leave the main site open to everyone (allow anonymous access), but then restrict the subdirectory (turn off anonymous access and turn on something else, such as basic authentication--just be aware of the security implications if you use basic authentication over HTTP instead of HTTPS). Select the directory and then click on the Authentication option to change these settings.
See also http://technet.microsoft.com/en-us/library/cc733010%28WS.10%29.aspx for more info on the pros and cons of various authentication options and the things you should consider.

IIS 7.5 Virtual Directory getting Unauthorized: Access is denied due to invalid credentials

I have a web application that is trying to access images from a shared folder on a different server.
In my web app, I created a new virtual directory. The alias is QCPhotos and the path is \alta\QCPhotos. Alta is a different server than my web server, which is Brighton.
I am getting the error:
401 - Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied.
In trying to debug, on the Alta server, I have given the Everyone user full access to this folder. I also gave {domain}\Brighton$ full access to the folder.
I turned on Directory Browsing, and that seems to work fine. I can list the contents of the folder, but as soon as I click on a jpg image, this error comes up.
Well, I'm still not sure why it wasn't letting me access, but I created a domain user acct named QCPhotos. I gave that user read permissions on the folder, and then set the virtual directory to use this user in IIS. This fixed my problem.

Resources