Windows Thread, Restricting access to intranet page in Technical; Hi guys
Pretty simple one I think, I have created a staff intranet page which I intend on making their ...
18th January 2011, 01:50 PM #1
Restricting access to intranet page
Pretty simple one I think, I have created a staff intranet page which I intend on making their homepage. I am fine with all that part. What I want to do is ensure that students cannot access that site.
I figure that I could just add it as a blacklisted URL in the filter for students, but wondered if there was another way, somewhere in windows, perhaps Group Policy or some security setting in IIS.
Apologies for sounding pretty clueless. Any suggestions would be appreciated.
IDG Tech News
18th January 2011, 01:56 PM #2
I have it setup that they can't bypass proxy for local addresses. and then for students don't have an exception for http://staffintraneturl which then the proxy tries to forward to our lea which gives an error.
simple but effective
18th January 2011, 02:19 PM #3
This is possible in IIS, you can assign permissions to a particular folder in IIS as you would a shared folder on the server. You can then either ask for the user to enter a username and password or use the windows login information (neatest).
How you do it depends on the version of IIS you are using.
EDIT: This is a guide for IIS5.0 and IIS6.0 - step 8 is where you can choose the different authentication types, Integrated Windows Authenticated is the most seemless and secure on an intranet. http://www.hosting.com/support/dedic...asswordprotect
Last edited by limbo; 18th January 2011 at 02:23 PM.
Reason: add more info
18th January 2011, 04:09 PM #4
Thats great @limbo. Bit annoyed with myself for not working that out, as it wasn't beyond my abilities. Anyway, I now have a lovely (in my opinion) staff intranet page accessible by staff but not students. Now I just have to explain to my prehistoric head that its a good idea!
One happy edugeeker!
18th January 2011, 05:45 PM #5
JPS - did you end up setting permissions in IIS?
I love IIS to be honest. I have our ITS support page to allow all traffic but then I have a knowledge base /kb that uses digest authentication. Works great! I then set the permissions to only allow our ITS Staff to access the KB.
19th January 2011, 08:14 AM #6
Our whole website / learning platform / MLE works like this - lets us have single sign on for everything synch'ed in with the domain so a password change / new user is no drama at all.
19th January 2011, 09:22 AM #7
Yeh I just disabled annonymous access and used windows authentication. Then set student users as deny access on the permissions of the folder on my server where the intranet files reside.
Originally Posted by qcomer
19th January 2011, 11:14 PM #8
I agree that it's simple, but I don't think it's effective. What happens when a student removes their proxy configuration? What happens when a student connects a foreign device that doesn't get your GPOs applied? They can then access this website.
Originally Posted by glennda
The only "effective" method is to apply permissions on the site in a deny all, allow few approach.
Thanks to chrisbrown from:
mac_shinobi (20th January 2011)
By GenieNitro in forum How do you do....it?
Last Post: 27th June 2009, 05:01 PM
By Antp in forum Web Development
Last Post: 19th November 2008, 04:38 PM
By Antp in forum Web Development
Last Post: 9th October 2008, 01:27 PM
By Silverman in forum Web Development
Last Post: 2nd July 2008, 11:21 AM
By gh256 in forum Network and Classroom Management
Last Post: 24th April 2008, 03:46 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)