My workplace (~10 workstations and a server) serves a site via IIS 7 on Windows Server 2008 R2. (It's a MediaWiki wiki, nothing to do with ASP or .NET; and it's HTTP, not HTTPS.)
Users logged onto the Windows domain can visit the site by Intranet URL — OUR_MACHINE_NAME.local — and this works fine. However, the site is also accessible from the wider Internet (if you happen to know or guess the server's IP address), and for security reasons I want to prevent this. Only users logged into our Windows domain should be able to access the site.
I've spent a while experimenting with the Authorization settings in IIS, but nothing seems to have any effect. I also found some HTTP settings under "Windows Firewall with Advanced Security", but am not sure what I would need to change.
Can someone advise please? (Apologies for any wrong assumptions: I'm a programmer and have little experience of network configuration.)
Related
We have an intranet site that uses Windows Authentication (Running on IIS 7.5). Anyone on our domain (let's call it Domain1) can access the intranet using their Windows credentials. However, we recently set up a trust between our parent company's domain (let's call it ParentDomain) and our domain.
However, no one from the ParentDomain domain can access the intranet using their Windows credentials. I'm not sure what sort of configuration I am supposed to do in IIS to allow ParentDomain users to access the intranet site.
If someone could point me in the right direction to get this set up, that would be great!
Thanks.
Details:
ASP.NET webforms
.NET 4.0
Windows Authentication
IIS 6
Windows Server 2003 SP2
Only one user is having an issue connecting to this one virtual directory. He says he sees this login form in IE, Chrome, and Firefox. He uses his Windows credentials and is unable to login. He is able to access other websites hosted in other virtual directories on the same domain. No others are experiencing this issue. He says he was able to access the site just fine a few weeks ago. What could be causing this dialog box to appear for just this user for just this site no matter what browser he's using?
Since it's all of the user's web browsers, this points to something with the user's permissions on the server for that particular website.
If it worked before as the user states, perhaps you can ask your server admins if anything was changed regarding user permissions on the server a few weeks ago.
Another path to go down would be to see if the user (or desktop admins) has installed any software on his/her machine that would disallow or alter Windows authentication in the browser for this site. This is far more unlikely than a simple user permissions issue on the server since he/she can still access other protected websites with Windows authentication, but it might be worth asking about if you've run out of options.
Yet another unlikely possibility would be a rule change on the user's network's firewall that would somehow disallow this user's IP address and Windows authentication to this website. Again, super unlikely, but I wanted to cover the bases here.
i am deploying an ASP.NET 4.0 Application to a production server .
The server is an intranet server. In the binding of the site, I assigned an IP Address and a port number and it works fine in the form http://xx.x.xx.x:888/. Then I would like our user to use a friendly URL to access to the website. So I asked our IT manager to assign a friendly URL to this url. the friendly URL is like this http://sitename.mycompanyname.ca:888.
The problem is when I try accessing the site with the friendly URL it keeps pop-asking me for my credential and never lets me get into the site. Thanks for your helping.
Server environment:
Windows 2008
IIS 7.5
Server and users are all in intranet.
*Update:
If I stop the site, it gives me another "Internet explorer cannot display the page" error. So I guess this site is taking care of the request for this host name
I found that I can browse this site using host name if I am on the production server.But it doesn't work if I try on another computer.
Just found that It doesn't work with IE 9 32 bit but it works with Chrome and firefox, which is very weird...
*
The site's authentication and authorization is like below
I don't see that you mentioned this, but did you try adding the port to your friendly URL? ie. http://sitename.mycompanyname.ca:888 ?
Let us know!
Ricky
Enable anonymous authentication. That's it ;)
http://technet.microsoft.com/nl-nl/library/cc770966%28v=ws.10%29.aspx
I developed my first website for a simple internal application using Webmatrix in a Windows 2008 Server R2 machine.
I'm able to open the site with a browser in the same machine as it is running, but cannot open it from any other machine in the network. I cannot open the default IIS7 website either.
The error is 401 - Unauthorized: Access is denied due to invalid credentials.
This is what I have done so far, without any changes in the results:
Changed the port of my site to 80, and the default to 8080
Where it lists all the sites (so far just the default and mine), right-clicked on my site, selected Edit Permissions, selected the Security tab, and verified that Everyone has Allow permissions for everything
Where it lists all the sites (so far just the default and mine), right-clicked on my site, selected Edit Permissions, selected the Security tab, and added Domain Users with Read & execute, List folder contents and Read permissions.
BTW, this fellow seem to have the same problem and there were no answers: How to allow users from other computers to connect to my IIS7 website?
I found the answer in Enabling Non Localhost access to WebMatrix
I have developed an asp.net web site and deployed it to IIS on my local pc. I am trying to set up my pc to be a temporary web server, but no matter what I do, I cannot access it from another machine. I just get a "Server not responding message". I have turned off the firewall and MS Security Essentials, but it is making no difference. All the other tips I have seen do not work.
The trouble is there are so many ways to go wrong here.
You are currently running IIS and not just testing in Cassini?
You can go to IIS Manager and see Default Web Site?
You can do a Browse under Actions when Default Web Site is selected?
You can get to your machine from another machine?
On your machine, can you browse to http://your-machine/your site? (Not just http://localhost).
Ensure that remote access and http access is turned off on your firewall. Are the other machines you've tested within your domain?