+ Post New Thread
Results 1 to 9 of 9
Home Access Plus+ Thread, Access Restrictions in Projects:; I'm probably missing something obvious but having followed previous posts on the subject and I am confused... I have added ...
  1. 8th February 2013, 11:44 AM #1
    TotalGeek
    TotalGeek is offline
    TotalGeek's Avatar
    Join Date
    Aug 2011
    Location
    South London
    Posts
    49
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    4

    Access Restrictions

    I'm probably missing something obvious but having followed previous posts on the subject and I am confused...

    I have added this code to my web.config file...

    Code:
    <location path="default.aspx">
        <system.web>
            <authorization>
                <allow roles="Sec_HapUsers" />
                <deny users="*" />
            </authorization>
        </system.web>
    </location>
    However when accessing with a user that is not in the [Sec_HapUsers] AD Group it comes up unauthorized but I am still able to browse to My Files from the link that is above the unauthorized text in the drop down menu.

    I am using HAP 8.7... Any ideas?
    Last edited by TotalGeek; 8th February 2013 at 11:45 AM.
  2. IDG Tech News
  3. 8th February 2013, 02:08 PM #2
    nickbro
    nickbro is offline
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    2,573
    Thank Post
    27
    Thanked 385 Times in 323 Posts
    Rep Power
    89
    Send a message via MSN to nickbro Send a message via Skype™ to nickbro
    Is that an AD Group or an AD Org Unit?
  4. 11th February 2013, 10:50 AM #3
    TotalGeek
    TotalGeek is offline
    TotalGeek's Avatar
    Join Date
    Aug 2011
    Location
    South London
    Posts
    49
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    4
    Hi Nick

    It is an AD Security Group...
  5. 11th February 2013, 11:08 AM #4
    nickbro
    nickbro is offline
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    2,573
    Thank Post
    27
    Thanked 385 Times in 323 Posts
    Rep Power
    89
    Send a message via MSN to nickbro Send a message via Skype™ to nickbro
    Should be
  6. 11th February 2013, 12:14 PM #5
    TotalGeek
    TotalGeek is offline
    TotalGeek's Avatar
    Join Date
    Aug 2011
    Location
    South London
    Posts
    49
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    4
    The problem though is that although I get the unauthorized page I am still able to browse My Files of that user that should be unauthorized.

    Is there a way to stop that from happening?
  7. 11th February 2013, 03:25 PM #6
    nickbro
    nickbro is offline
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    2,573
    Thank Post
    27
    Thanked 385 Times in 323 Posts
    Rep Power
    89
    Send a message via MSN to nickbro Send a message via Skype™ to nickbro
    MyFiles is an unrestricted section, it'll restrict on the mapping definitions.

    To stop a specific user group from seeing MyFiles, open ~/myfiles/web.config and edit it like ~/bookingsystem/web.config

  8. Thanks to nickbro from:

    TotalGeek (12th February 2013)
  9. 12th February 2013, 10:02 AM #7
    TotalGeek
    TotalGeek is offline
    TotalGeek's Avatar
    Join Date
    Aug 2011
    Location
    South London
    Posts
    49
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    4
    Thanks Nick... There wasn't a web.config in the MyFiles directory otherwise I might have guessed to do that myself...

    Many thanks for your help and for such a great project.... I am going to try to badger my bursar to give you a donation...
  10. 12th February 2013, 03:24 PM #8
    nickbro
    nickbro is offline
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    2,573
    Thank Post
    27
    Thanked 385 Times in 323 Posts
    Rep Power
    89
    Send a message via MSN to nickbro Send a message via Skype™ to nickbro
    If you want to stop any tom dick and harry from getting in, you can try
    HTML Code:
     <system.web>
...
    <authorization>
      <deny users="?" />
    </authorization>
    <customErrors mode="Off" />
    <trace enabled="true" pageOutput="true" localOnly="false"/>
  </system.web>
    Change it to

    HTML Code:
     <system.web>
...
    <authorization>
      <allow roles="HAP Users" />
      <allow roles="Domain Admins" />
      <deny users="*" />
    </authorization>
    <customErrors mode="Off" />
    <trace enabled="true" pageOutput="true" localOnly="false"/>
  </system.web>
    See if that works

  11. Thanks to nickbro from:

    TotalGeek (13th February 2013)
  12. 13th February 2013, 01:56 PM #9
    TotalGeek
    TotalGeek is offline
    TotalGeek's Avatar
    Join Date
    Aug 2011
    Location
    South London
    Posts
    49
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    4
    Yep Tom, Dick and Harry can't get in now
SHARE:
+ Post New Thread

Similar Threads

  1. HAP access restrictions
    By magic2119 in forum Home Access Plus+
    Replies: 11
    Last Post: 12th February 2013, 03:42 PM
  2. AB Tutor Control (or similar) Staff Access Restriction
    By Richie1972 in forum Network and Classroom Management
    Replies: 4
    Last Post: 12th July 2008, 01:47 PM
  3. Students Accessing restricted Sites
    By Grommit in forum Network and Classroom Management
    Replies: 4
    Last Post: 8th February 2008, 08:53 AM
  4. restricting logical access
    By strawberry in forum Windows
    Replies: 1
    Last Post: 30th April 2007, 09:30 AM
  5. Restrict Access To USB Devices
    By MuppetQueen in forum Wireless Networks
    Replies: 25
    Last Post: 15th December 2005, 04:53 PM
« HAP iis6 | RDP for HAP »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules