PLEASE NOTE: This is not any kind of "Home work"(Im a 40 year old, none cheating, man)
I'm currently doing a CIW course and have reached the Server Administration module (It's confusing the hell out of me). The course manual is vague and the tutor support hopeless. Ive googled as much as i can and still no answers.
My confusion concerns Authentication for an entire site Vs Authentication for particular users. I'll tell you what (I think) I know.
I understand that to choose the Authentication method for an entire site, you use the "directory security" tab, accessed by selecting the properties option of the "default web site" in ISM (IIS5). Here you may choose, for example, "Basic Authentication".
I guess my first question must be: When a user enters their username and password, what information does IIS use to check this information against, and where is it stored on the server machine?
My second question concerns restricting access to specific pages on a site. This is what my course manual says for the procedure:
1. Select "Properties" on the file called PRIVATE.
2. Click the "Security" tab.
3. In the box that appears, Remove "EVERYONE".
4. Select "SYSTEM".
5. Select the relevant user and click "add".
The example in the course manual then just jumps to another paragraph for the rest of the procedure (I have no idea what happens directly after point 5 above). It goes on to say:
In IIS, open the properties for the default web site.
Click the "directory security" tab and enable "basic authentication".
It is this last step that is confusing me. How is enabling basic authentication having any effect on the PRIVATE file? Isn't enabling basic authentication simply restricting access for the whole site? If "Anonymous Access" where chosen, the PRIVATE folder would still be restricted, wouldn't it?
Please give me a clue on this one. Its been 2 days now and my little brain is really starting to hurt.
Thanks in Advance.
Stuart
I'm currently doing a CIW course and have reached the Server Administration module (It's confusing the hell out of me). The course manual is vague and the tutor support hopeless. Ive googled as much as i can and still no answers.
My confusion concerns Authentication for an entire site Vs Authentication for particular users. I'll tell you what (I think) I know.
I understand that to choose the Authentication method for an entire site, you use the "directory security" tab, accessed by selecting the properties option of the "default web site" in ISM (IIS5). Here you may choose, for example, "Basic Authentication".
I guess my first question must be: When a user enters their username and password, what information does IIS use to check this information against, and where is it stored on the server machine?
My second question concerns restricting access to specific pages on a site. This is what my course manual says for the procedure:
1. Select "Properties" on the file called PRIVATE.
2. Click the "Security" tab.
3. In the box that appears, Remove "EVERYONE".
4. Select "SYSTEM".
5. Select the relevant user and click "add".
The example in the course manual then just jumps to another paragraph for the rest of the procedure (I have no idea what happens directly after point 5 above). It goes on to say:
In IIS, open the properties for the default web site.
Click the "directory security" tab and enable "basic authentication".
It is this last step that is confusing me. How is enabling basic authentication having any effect on the PRIVATE file? Isn't enabling basic authentication simply restricting access for the whole site? If "Anonymous Access" where chosen, the PRIVATE folder would still be restricted, wouldn't it?
Please give me a clue on this one. Its been 2 days now and my little brain is really starting to hurt.
Thanks in Advance.
Stuart
