1. Create a directory.
  2. Right mouse click over the directory.
  3. Select "Properties".
  1. Select the "Web Sharing Tab".
  2. Click "Share this folder".
  1. Click "OK".
  1. Select the "Security" tab.
  2. Click on Permissions.
  1. Grant access to users the users you desire.
    Note: The group needs to be included if you want to have anonymous access. ( or IUSR_computername ?? )
  1. In Explorer/Netscape type in the URL. http://machine/Alias created
  2. You should be presented with a dialog box like this.
  3. Note: you will probably need to supply the domain with the user name.

Until this point, this security will only work with Internet Explorer. To enable access via Netscape, you must change the settings on the web server to allow Basic Authentication.
  1. Install Microsoft Management Console ( Microsoft Site )
  2. Run Internet Service Manager
  1. Right Click over "Default Web Site" and select "Properties" from the popup menu.
  1. Click on the "Directory Security" tab.
  2. Select "Edit" under Anonymous Access and Authentication Control.
  1. Click "Allow Anonymous Access"
  2. Click "Basic Authentication"
  3. De-Click "Windows NT Challenge/Response"
Note: If has access to the NTFS directory, then access will be Anonymous.
If is not on the NTFS Access Control List, Basic Authentication will be used.
See "Security Tab"
  1. Click "Yes"
From the "Edit" button in Authentication Methods(above) next to Basic
  1. Select default domain if necessary.

Basic Authentication Domain
Users logging on with the Basic authentication method must belong to a specific domain. A domain is a computer or a network of computers managed as a single administrative entity. When users attempt to log on without specifying a domain, you can configure you server to assume that the users belongs to a domain different from the default local domain. For example, if your server contains a Web site accessed exclusively by members of the Sales domain, but your server belongs to the Shipping domain, then you can configure that Web site’s Basic authentication default domain to be the Sales domain.
If your Web server does not belong to a network(???), then the default local domain is the name of your computer.
From the "Edit" button in Authentication Methods(above) next to Anonymous
  1. Select anonymous user ( the default should be fine. ).
    Note: this may also be a domain account ie tfi_master\user1.
( Note: Is this per directory or per server??? )

Authentication Methods

To prevent unauthorized users from establishing a Web (HTTP) connection to restricted content, you can configure your Web server to identify, or authenticate, users. The authentication process involves determining whether a user has a valid Windows NT user account that has appropriate Windows NT File System (NTFS) permissions for accessing a particular Web site, directory, or file.

Allow Anonymous Access

Typically, all users attempting to establish a Web (HTTP) connection with your Web server should log on as anonymous users. When a user establishes an anonymous connection, your server will log on the user with an anonymous or guest account, which is a valid Windows NT user account. This account has security restrictions that limit the type of Web content that anonymous users can access. Set the Windows NT user account to use for all anonymous connections. This account has security restrictions, determined by your Windows NT Files System (NTFS) permissions, that limit the type of Web content anonymous users can access.

By default, your Web server creates and uses the account IUSR_computername. When you installed your Web server, Setup created the account IUSR_computername in Windows NT User Manager for Domains and in Internet Service Manager. The IUSR_computername is granted Log on Locally user rights by default. This right is necessary if you want to grant anonymous logon access to your site. For more information, consult your Web server security documentation.

Basic Authentication

Select this check box to enable your Web server ‘s Basic authentication method, which is a widely used, industry standard method for identifying users. Your Web server will only use Basic Authentication under the following conditions:
· Anonymous access disabled.
· Anonymous access denied because Windows NT permission have been set, requiring the users to provide a Windows NT user name and password before establishing a connection with restricted content.

During the Basic authentication process, the user’s Web browser will prompt the user to enter a valid Windows NT account user name and password.


Basic authentication results in the transmission of passwords across the network in an unencrypted form. A determined computer vandal equipped with a network monitoring tool could intercept user names and passwords.


Users attempting to establish a connection through Basic authentication must provide their logon domain in addition to their user name. By clicking this button you configure your Web server to assume a default logon domain, other than the local domain, for users who do not explicitly provide their domain name.

Windows NT Challenge/Response

When this check box is selected, you enable your Web server’s Windows NT Challenge/Response authentication methods. Microsoft Internet Explorer, version 2.0 or later, is the only Web browser that currently supports this authentication method.

Once enabled, your Web server will only use Windows NT Challenge/Response authentication under the following conditions:
· Anonymous access disabled.
· Anonymous access denied because Windows NT permission have been set, requiring the users to provide a Windows NT user name and password before establishing a connection with restricted content.

During the Windows NT Challenge/Response authentication process, your Web server engages in a cryptographic information exchange with the user’s Internet Explorer Web browser. The user’s Web browser does not send actual Windows NT account password information across the network.