Setting up Basic Authentication for IIS

Default IIS is configured to allow everyone to open the website you are hostin. If you want to use some form of authentication, you can use Basic Authentication so users must enter their credentials to view the site.

Open IIS and navigate to the site that needs the Basic Authentication.

Click on Authentication and disable Anonymous Authentication

Enable Basic Authentication

 
Open IIS and navigate to the site that needs the Basic Authentication.

Click on Edit Permissions

1
Click on the Security tab
Remove the inheritance and remove Users
Click on Add and add the group or users from Active Directory that need access.
Important, if you use an Application Pool also add the Application Pool user, otherwise it will fail
On the Security tab, add the local user `IIS AppPool\`

For example `IIS AppPool\Production_Pool’

It only need Read permission.

Always use SSL

Because otherwise credentials will be send over the wire unencrypted.

Close the security window and open the website, check if there is pop/up where you need to log on.  2
Advertisements
This entry was posted in Microsoft General and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s