NetResults ProblemTracker
Applying Security Using IIS 4.0 & NT Personal Web Server

Overview

Internet Information Server 4.0 & NT Personal Web Server use the native security features of the NTFS file system and Windows NT user administration to provide security for web pages. In order to password protect ProblemTracker on any of these web servers you must install it on an NTFS file system.

Instructions

The following instructions assume a workgroup named pteval is installed. For your workgroup, substitute your workgroup name for "pteval" in the steps below.

  1. Enable Authentication
    • Start the Internet Service Manager

      NT Workstation
      Start->Programs->Windows NT 4.0 Option Pack->Microsoft Personal Web Server->Internet Service Manager

      NT Server
      Start->Programs->Windows NT 4.0 Option Pack->Microsoft Internet Information Server->Internet Service Manager

    • Select Default Web Site or a Web Site of your choice
    • Double click on the content directory folder (pteval) in the left window pane. The files included in the pteval folders are displayed in the right window pane.
    • For each file or folder that you would like to password protect, repeat the following steps:
      • Right click on the file or directory. A pull down menu appears. Select Properties.
      • Select the File Security (or Directory Security) tab.
      • Press the Edit... button in the Anonymous Access and Authentication Control.
      • Unselect Allow Anonymous Access.
      • Select Basic Authentication. A warning dialog box will pop up. Press Yes. Press the Edit... button for Basic Authentication.
      • An input dialog for Basic Authentication Domain will pop up. Select the appropriate domain for your Web Server. In most cases it should be the local domain. If so, select Use Default and press OK.
      • Press OK in the Authentication Method dialog box.
      • Press Apply and then OK in the Properties dialog box.

  2. Set File Security on Windows NT
    • Start the Windows NT Explorer
    • Select the directory where ProblemTracker is installed, e.g. pteval.
    • In the right pane of the Explorer, select the directory or file(s) you would like to limit access to. You can select multiple items by holding down the Control key as you click on files.
    • With the files highlighted, select the "File->Properties" menu, click on the Security tab of the dialog, and press the Permissions button.
    • The File Permissions dialog is displayed. By default it has the value "PUSR4<HOSTNAME> Modify" where <HOSTNAME> is the TCP/IP name of the machine where ProblemTracker is installed. Delete this row, and any others that grant access to anyone you do not wish to have access to the selected directory or files. If you do not wish for an individual to see a web page, make sure the user does not have Read (R) permissions for the file or directory.
    • Press the Add... button to display the Add Users and Groups dialog. Under "List Names From:" select your Windows NT domain and click on the Show Users button. Now add any particular user you would like to give access to the select directory or files by selecting their name, pressing the "Add" button, selecting the access type, and pressing OK. Repeat this process for any other users.
    • Back on the File Permissions dialog, press the Add... button to display the Add Users and Groups dialog. Under "List Names From:" select your machine (\\HostName*, where HostName is the name of your machine), and click on the Show Users button. Now add any users you defined earlier (e.g. Administrator) by selecting the name, pressing the "Add" button, selecting the appropriate access and pressing OK.
    • Press the OK button, and the OK button again.
    • Refer to the table in the Web Server Security Overview section to determine which content directories and program files you would like to protect based upon function. Then repeat the process described here for each.

    WMS Operations that can impact your Custom Security Settings

    The Repair, Move, and Upgrade operations that can be performed in the Workgroup Management System can reset the customized security you have applied to the locations listed in the table above. Before you use the Repair, Move, or Upgrade operations, it is recommended that you take note of the security scheme you have applied, then re-apply these changes after using one of those operations.

    For more information on the WMS operations, please refer to the following sections in the WMS Help Guide:

    Repairing a Workgroup
    Moving a Workgroup
    Upgrading a Version 3 Workgroup
    Upgrading a Version 4 or 5 Workgroup