Adding a local computer account into AD

Author
9 Mar 2006 4:37 PM
ssmith
Is there a way to add a local computer account, for example
IUSR_<COMPUTERNAME> into AD? I need to grant permission for the IUSR account
on one server to access a network share. Since the IUSR account is local to
the machine, I'm not able to add it under permissions for the network share.
As well, I can't join the IUSR account to an AD group to allow it to access
the share. Any info would be greatly appreciated.

Author
9 Mar 2006 8:15 PM
Paul Williams [MVP]
Why would you want to do this?  The only IUSR_ accounts that should be in
the domain are those that correspond to DCs that have IIS installed for
whatever reason.

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

Author
9 Mar 2006 10:07 PM
ssmith
Our dev is creating an application to parse information from a database and
store it in an XML file in a directory that is shared out. The other part of
this is the outside source accessing the information will pass a URL to the
IIS server which then retrieves the XML file or places a new XML file into
the shared directory.

Now why they are doing this in this manner is beyond me, only that I was
asked by our dev if it was possible to have the IUSR_<computer> account
access the shared directory.

The only method I can think of is to give the server which is running IIS
permission on the shared directory. Since the server is a member server, I'm
tempted to test the permissions by adding it to sharing and adding it to
security, then seeing if the dev can pass the file that way.
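
Added example, not part of the original thread: one way to grant a member server's computer account least-privilege access at both the share and NTFS layers, assuming the IIS worker process reaches the share under the machine identity. The domain, server, share name and path are placeholders, and the SMB cmdlets require Windows Server 2012 or later.

```powershell
# Added example; every name below is a placeholder, not a value from the thread.
$Account   = 'EXAMPLE\WEB01$'       # computer account of the IIS server (note the trailing $)
$ShareName = 'XmlDrop'              # hypothetical share name
$Path      = 'D:\Shares\XmlDrop'    # hypothetical folder behind the share

# Share-level permission: Change (read/write) rather than Full Control.
Grant-SmbShareAccess -Name $ShareName -AccountName $Account -AccessRight Change -Force | Out-Null

# NTFS permission: Modify on the folder, inherited by its files and subfolders.
$acl  = Get-Acl -Path $Path
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $Account, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $Path -AclObject $acl

# Verify both layers; effective access is the more restrictive of the two.
Get-SmbShareAccess -Name $ShareName | Where-Object { $_.AccountName -eq $Account }
(Get-Acl -Path $Path).Access | Where-Object { $_.IdentityReference.Value -eq $Account }
```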

Author
10 Mar 2006 8:23 AM
Paul Williams [MVP]
I'm not an IIS man, so don't know how to do this.  However it should be
set up in such a way that IIS is either accessing resources using the user
who is accessing IIS' credentials (delegation) or the computer account of
IIS is accessing the shared folder.

You might find posting to the IIS groups more beneficial.  I can't
cross-post into that group as neither of us retains the original post in our
replies.

I've also modified the subject line in the hope that Joe K sees this - he'll
know the answer in a second...

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

Author
10 Mar 2006 2:32 PM
ssmith
Thanks for the info Paul, will definitely post under the IIS group.

Steve