Hello all-
I have unfortuantely had to migrate our intranet servers from Apache running on Linux to Windows 2003 and IIS because the Kerberos authentication the linux box was doing against Active Directory for the website authentication ended up breaking Active Directory after 6-months. The migration (total rebuild, actually) went fine but here is the problem I am having.... One server is a development box which I use to develop the site and one is the production server. I have the servers configured to use Active Directory for their authentication and that works fine. However, the problem I am having is with the development box. I only want users in the "Intranet_Development" group in Active Directory to access the site. However, anyone with a valid AD account can still access the site even though I've removed IIS_HOST user, and added the "Intranet_Development" group to the folder. I also unchecked "Allow Anonymous Access" in IIS. I have enabled Basic Authentication and will setup SSL later. What I am trying to do is prevent prying eyes from seeing what is being developed before it is even released to the general office public. Any ideas?
Thanks!
Steve
I have unfortuantely had to migrate our intranet servers from Apache running on Linux to Windows 2003 and IIS because the Kerberos authentication the linux box was doing against Active Directory for the website authentication ended up breaking Active Directory after 6-months. The migration (total rebuild, actually) went fine but here is the problem I am having.... One server is a development box which I use to develop the site and one is the production server. I have the servers configured to use Active Directory for their authentication and that works fine. However, the problem I am having is with the development box. I only want users in the "Intranet_Development" group in Active Directory to access the site. However, anyone with a valid AD account can still access the site even though I've removed IIS_HOST user, and added the "Intranet_Development" group to the folder. I also unchecked "Allow Anonymous Access" in IIS. I have enabled Basic Authentication and will setup SSL later. What I am trying to do is prevent prying eyes from seeing what is being developed before it is even released to the general office public. Any ideas?
Thanks!
Steve
