Taking user out of MACHINENAME\Users group does not disallow them from authenticating with IIS site
Posted
by jayrdub
on Server Fault
See other posts from Server Fault
or by jayrdub
Published on 2009-09-16T18:35:31Z
Indexed on
2010/04/11
5:03 UTC
Read the original article
Hit count: 231
I have a site that has anonymous access disabled and uses only IIS basic authentication. The site's home directory only has the MACHINENAME\Users
group with permissions. I have one user that I don't want to be able to log-in to this site, so I thought all I would need to do is take that user out of the Users
group, but doing so still allows him to authenticate. I know it is the Users
group that is allowing authentication because if I remove that group's permissions on the directory, he is not allowed to log in.
Is there something special about the Users
group that makes it so you are actually always a part of it?
Is the only solution to revoke the Users
group's permissions on the site's home directory and grant a new group access that contains only the allowed users?
© Server Fault or respective owner