Configuring Authentication Settings
IIS
enables you to define configuration settings, using the Web object
hierarchy. Authentication settings can be configured for objects at the
following levels:
Authentication
settings that are defined at higher levels (such as for a Web
application) will be used automatically for lower-level objects. This
method makes it easier to manage settings for multiple Web sites, Web
applications, and their related content.
To
configure authentication settings using IIS Manager, select the
appropriate object in the left pane, and then double-click
Authentication in Features View. Figure 5 shows the default authentication options for the Default Web Site object.
The
default display shows a complete list of the available authentication
options, grouped by the response type used. Each method can be enabled
or disabled by selecting the item and using the Enable or Disable
commands in the Actions pane. In addition, some authentication options
provide additional commands for managing settings. By default, when you
enable or disable an authentication option, the setting will apply to
all lower-level objects and content in the IIS hierarchy. You can
override this behavior by explicitly enabling or disabling
authentication methods at lower levels.
To
verify your authentication-related settings, you should always test
access to content by using a Web browser. In some cases, it might be
necessary to use a second computer to ensure that authentication is
working properly. For example, if you are already connected to a
computer running Windows Server 2008 as a member of the administrators
group and you want to test Windows Authentication, you should attempt
to connect from another computer in the environment. This will help
prevent automatic authentication from affecting your test results.