Export (0) Print
Expand All

Disabling Anonymous Access for an Application, Virtual Directory, or Web Site

Updated: August 22, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

Integrated Windows authentication is the default authentication method for Windows Server 2003 operating systems. It is required for applications, virtual directories, or Web sites that use URL authorization. Anonymous access is not permitted.

ImportantImportant
You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".

Procedures

To disable anonymous access for an application, virtual directory, or Web site
  1. In IIS Manager, expand the local computer and then expand the Web Sites folder.

  2. Do one of the following:

    Expand the Web site that contains the application for which you want to configure URL authorization, right-click the application directory, and then click Properties.

    Or

    Expand the Web site that contains the virtual directory for which you want to configure URL authorization, right-click the virtual directory, and then click Properties.

    Or

    Right-click the Web site where you want to configure URL authorization, and then click Properties.

  3. Click the Directory Security tab, and in the Authentication and access control section, click Edit.

  4. Clear Enable anonymous access, ensure that Integrated Windows authentication is checked in the Authenticated access section, and then click OK.

Related Information

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft