Exmpl: http://22.50.209.50/usr
Hi Patrick
This is not normal behavour but you may have configured your server to
allow this:
Things to check:
Authentication scheme at the root - are you allowing anonymous?
What version of IIS are you running?
The IIS Anonymous user account (depends on version and how IIS is
configured) needs access to the files on the disk.
So maybe it does not have access to the root folder - someone may have
removed NTFS permissions for the anonymous user account.
On IIS 5 or IIS 6 (running in IIS 5 Compatibility mode) there is an
account called IUSR_computer name.
IIS6 running in Native Mode has an account called ASPNET (if you are
running ASP.NET) otherwise IUSR_Computer name.
IIS7 has an account called IUSR (or it can be configured with the
application pool identity which defaults to NETWORK_SERVICE but you can
change that.
A simple test may be to run a tool called AUTHDIAG and it can be
downloaded here.
http://www.microsoft.com/DOWNLOADS/details.aspx?FamilyID=e90fe777-4a21-
4066-bd22-b931f7572e9a&displaylang=en
Note: AUTHDIAG may not be that usefull but probably worth a look.
Chris
--
---------------------
Chris Crowe [IIS MVP]
http://blog.crowe.co.nz
"Chris Crowe [IIS MVP]" <bl...@crowe.co.nz> wrote in message
news:MPG.248cc523e...@news.microsoft.com...
I may be on the wrong wave length here - do yo want to allow ro restrict
access to anonymous users?
If you want to deny anonymous users you simply can change the
authentication to not allow anonymous - you do not need to disable the
account
Select the web site - right click and select properties.
Go to the Directory Security tab and under "Authentication and Access
Control" section just remove the tick from "Allow anonymous access"