Securing a Virtual Directory
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
You can configure access permissions when you create a virtual directory.
Important
You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /User:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".
Procedures
To create a secure virtual directory mapped to resources on the local computer
In IIS Manager, expand the local computer, expand the Web Sites folder, right-click the Web Site or folder within which you want to create the virtual directory, point to New, and then click Virtual Directory.
Click Next.
In the Alias box, type the alias for the new virtual directory, and then click Next.
In the Path box, type the path to the local directory, and then click Next.
Select the appropriate check boxes for the access permissions you want to allow, and clear the check boxes for the permissions you want to deny.
Click Next to complete the wizard.
Related Information
For information about changing the security setting on an existing virtual directory, see Changing Security on an Existing Virtual Directory.
For information about using virtual directories, see Using Virtual Directories.