To check to see if users have rights to login to your IIS server, check their NT group. First, get their NT group list in the Global.asa file:
Sub Session_OnStart
on error resume next
strUsername=Replace(ucase(Request.ServerVariables("LOGON_USER")) , "\", "/")
set adsUser = getobject("WinNT://" & strUsername)
for each group in adsUser.groups
GrpList = GrpList & lcase(trim(group.name)) & ";"
next
if instr(1, GrpList ,"SecureNTGroupName") then session("permission") = "OK"
End sub
Then in your ASP page, check on a session variable to see if they are allowed in or not.:
<%
if session("permission") <> "OK" then Response.Redirect "loginfailure.asp"
%>
IIS 4.0 allows you to have multiple web sites on one machine. Though IIS 3.0 has this capability, IIS 4.0 expands the functionality of multiple web sites by adding additional characteristics to sub-directories, and allow for multiple applications. Special considerations need to be made when designing and administrating multiple web sites on a single machine, including when to use sub-directories, when to use virtual directories, how to handle security, and the handling of multiple applications. [Read This Article][Top]
This article is a reprint of chapter 15, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. The chapter covers performance tuning of the Internet Information Server version 4.0. Including: What is performance, building web sites for speed, and the performance monitor. [Read This Article][Top]
This article is a reprint of chapter 16, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers understanding and planning for server-side loading with the Internet Information Server version 4.0. Including determining load using performance monitor, using event viewer to discover errors, using TCP/IP troubleshooting utilities, configuring ODBC loads and understanding IIS logging. [Read This Article][Top]
This article is a reprint of chapter 19, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers being your own ISP: allowing dynamic user access. Including: setting up and providing clients with the ability to control their own Web site is a simple matter and getting the content there are two ways of uploading content to client Web sites: the traditional FTP method and the newer HTTP PUT facility. [Read This Article][Top]
This article is a reprint of chapter 19, by Nelson Howell , in a new book called 'Using Microsoft Internet Information Server 4' from Que Education & Training (ISBN 0789712636) due for publication in early March 1998. This chapter covers advanced security concepts. Including: how to secure content Enforce security permissions for sensitive and private content and configuring user authentication understand and use authentication methods for securing content. [Read This Article][Top]
This issue discusses and demonstrates how to run isolated ISAPI applications. Included are considerations for moving your ISAPI application from IIS 3.0 to IIS 4.0, performance considerations and the effects of isolated ISAPI applications on ODBC connection pooling. [Read This Article][Top]
In this issue, we will discuss how to use custom error pages with IIS 4.0. With IIS 4.0, you can return special pages for each web site error instead of the default pages. So instead of the message "404 File Not Found," the user could have a list of optional links with your company header and an apologetic message. We will demonstrate how to get the most from custom error pages by using Active Serve pages to customize the message. [Read This Article][Top]
This article will describe how to implement a banner rotation scenario where the pages served are static, i.e. .htm, and do not have the flexibility to call components. The task is to dynamically serve banners and statically serve pages. This is the opposite of the scenario for banner rotation components, which statically serve banners and dynamically serve pages. [Read This Article][Top]
Have you wanted to add virtual roots through VBScript? Create ISAPI server extensions that install themselves in IIS 4.0? Or script the installation of your entire web site including user permissions? You can do this and more with ADSI. [Read This Article][Top]
ADSI Part II describes and demonstrations the power of ADSI by showing how to manipulate the NTLM database. Examples in this article show how to add a user to a domain, delete the user, add a group, and add the user to the group. There is also a discussion on security and an overview of the Group, User and Domain ADSI objects. [Read This Article][Top]
ServerObjects Inc. announces AspCodeLock. This product will allow you to encrypt ASP script code at development time. AspCodeLock will dynamically decode the script when requested by IIS and execute it under the ASP environment. Your ASP code is processed in memory and is not written unencrypted to disk by AspCodeLock
