Ask the Expert

How to implement IIS authentication settings

I have installed a standalone IIS server on a Windows 2000 system. How can I switch off the authentication window that pops up on a remote computer when trying to access the page?

Requires Free Membership to View

This depends on what you're trying to do. If you want to allow open access to a Web site hosted on your Internet Information Services (IIS), you'll need to check two settings on the server to see which is blocking the site.

There are two levels of authentication for an IIS server hosted on Windows 2000: Web authentication and New Technology File System (NTFS) permissions.

IIS authentication is set through the Internet Service Manager (ISM), which can be accessed from the server's Administrative Tools menu. Under the Directory Security tab, there are a variety of authentication options that can be checked off. These include options for Basic Authentication, Digest Authentication, as well as Integrated Windows Authentication.

The ISM allows more than one type of authentication to be selected. The pop-up window you describe could be a Basic or Digest authentication window, so make sure these two options are deselected.

The other reason for the authentication window issue could be that the NTFS permissions in the server's root directory may have been set to restrict access. This directory is usually located here: C:Inetpubwwwroot. If you want to remove any logon windows or have open access, go to this location and check the Everyone box; this will allow anyone to have free access to the directory.

From the perspective of the Windows 2000 machine itself, these Web server directories are just like any other directory on the server and can be configured separately.

More information:

  • Michael Cobb explains how to create access rules and configure IIS server permissions.
  • Using a different Web server? Learn some non-IIS best practices.
  • This was first published in March 2007