To check to see if users have rights to login to your IIS server, check their NT group. First, get their NT group list in the Global.asa file:
Sub Session_OnStart
on error resume next
strUsername=Replace(ucase(Request.ServerVariables("LOGON_USER")) , "\", "/")
set adsUser = getobject("WinNT://" & strUsername)
for each group in adsUser.groups
GrpList = GrpList & lcase(trim(group.name)) & ";"
next
if instr(1, GrpList ,"SecureNTGroupName") then session("permission") = "OK"
End sub
Then in your ASP page, check on a session variable to see if they are allowed in or not.:
<%
if session("permission") <> "OK" then Response.Redirect "loginfailure.asp"
%>
IIS 4.0 allows you to have multiple web sites on one machine. Though IIS 3.0 has this capability, IIS 4.0 expands the functionality of multiple web sites by adding additional characteristics to sub-directories, and allow for multiple applications. Special considerations need to be made when designing and administrating multiple web sites on a single machine, including when to use sub-directories, when to use virtual directories, how to handle security, and the handling of multiple applications. [Read This Article][Top]
This article is a reprint of chapter 15, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. The chapter covers performance tuning of the Internet Information Server version 4.0. Including: What is performance, building web sites for speed, and the performance monitor. [Read This Article][Top]
This article is a reprint of chapter 16, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers understanding and planning for server-side loading with the Internet Information Server version 4.0. Including determining load using performance monitor, using event viewer to discover errors, using TCP/IP troubleshooting utilities, configuring ODBC loads and understanding IIS logging. [Read This Article][Top]
This article is a reprint of chapter 19, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers being your own ISP: allowing dynamic user access. Including: setting up and providing clients with the ability to control their own Web site is a simple matter and getting the content there are two ways of uploading content to client Web sites: the traditional FTP method and the newer HTTP PUT facility. [Read This Article][Top]
This article is a reprint of chapter 19, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers advanced security concepts. Including: how to secure content Enforce security permissions for sensitive and private content and configuring user authentication understand and use authentication methods for securing content. [Read This Article][Top]
ServerObjects Inc. announces AspCodeLock. This product will allow you to encrypt ASP script code at development time. AspCodeLock will dynamically decode the script when requested by IIS and execute it under the ASP environment. Your ASP code is processed in memory and is not written unencrypted to disk by AspCodeLock
