Anonymous Authentication in IIS 6.0

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

Anonymous authentication gives users access to the public areas of your Web or FTP site without prompting them for a user name or password. By default, the IUSR_computername account is used to allow anonymous access.

In IIS 6.0, anonymous authentication no longer requires the Allow log on locally user right, because NETWORK_CLEARTEXT is now the default logon type for anonymous and basic authentication.

During setup, the IUSR_computername account is added to the Guests group on the computer running IIS. Guests have the same access as members of the Users group by default, except for the Guest account, which is further restricted.

This section includes the following information:

• Enabling Anonymous Authentication: Describes how to enable anonymous authentication for a Web site.

• Changing the Account Used for Anonymous Authentication: Describes how to configure an account for anonymous authentication.

• Configuring Subauthentication: Describes how to configure subauthentication to manage passwords for anonymous accounts.