On IIS 7 I set up an application called "XYZ", and an application pool for it.
I set the identity of this application pool to a custom user, let's call it "Mario".
Mario has NTFS access to the folder/files in which XYZ points to (remote share).
In the XYZ authentication settings, only windows authentication is enabled:
In the providers for windows authentication, only NTLM is active:
Physical path credentials for XYZ are set to application user / pass-through:
So the problem is, when I go to http://server.com/XYZ I get challenged (which is to be expected), but I does not matter what I put in, it looks like the authentication token is not accepted, and the browser challenges me again.
I have looked at logs for Active Directory and the requests are coming through, but even when the user is successfully authenticated the browser challenges again.
HERE'S THE GOAL: to allow directory listing, but to use credentials provided by the user for NTFS access. Right now I can't get that to work. THANK YOU!
Here's the Web.config file:
The trick to getting this to work is to add 'Users' to the permissions. Set up IIS just like you have with NTLM as the top provider, Windows Authentication only enabled (you can get rid of the section in the web.config, all you need is <authentication="Windows" />
) and add IIS_USRS and Users to the permission set.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With