In Part 1, we created a simple WebDAV site which allow all authenticated users to access the WebDAV site at the root level. Now, we will see how we can configure WebDAV such that a user when authenticated is redirected to his authorized content folder only.
PART I– Modify a simple WebDAV site for User Authorization
- Click on the Web Site (WebDAV Site in our case)
- In the Features view, double click on Authentication and verify if you have Windows Authentication enabled
![image7]( "image7")
- Double click on Authorization Rules, select the existing rule and click Remove in the Action panel
![image8]( "image8")
- Double click on WebDAV Authorization Rules, select the existing rule and click Remove in the Action panel
![image9]( "image9")
- I have a folder structure, shown below in C:\inetpub\webDAV
![image10]( "image10")
- In IIS Manager, expand WebDAV Site and click rahul
- In the Features view, double click on WebDAV Authorization Rules
![image11]( "image11")
- In the Action panel, click on Add Authoring Rule…
![image12]( "image12")
- In Add Authoring Rule dialog box, select the following
![image13]( "image13")
Notice, we selected Specified users: in Allow access to this content to: and gave the user account who should access the Web content (dotnetscraps\rahul in our case). - Go back to the Features view, double click on Authorization Rules
- Click Add Allow Rule… and select Specified users: under Add Allow Authorization Rule dialog box. Add the account you want to access the Web content (dotnetscraps\rahul in our case).
![image14]( "image14")
- Let us also verify the NTFS permissions we have set on the rahul folder
![image17]( "image17")
Notice that we haven’t given dotnetscraps\rahul any specific permission on the folder. We will need Users group Modify permission on the rahul folder.
Now that we have configured the folder with WebDAV setting. Let us now verify if the WebDAV site is working fine.
PART II– Test from a client machine
- Open Windows Explorer–> Tools–> Map network drive…
- The Map Network Drive dialog box appears
- Under Drive: select the drive letter (Z: in this example)
- Under Folder: type http://WIN-2K8WSS1/rahul–> Next
![image15]( "image15")
- Since I have login on to the client machine with the account dotnetscraps\rahul, I was authenticated directly.
- Click Finish
- Open the command prompt and type “net use”
![image16]( "image16")
Notice that the drive has been mapped successfully and is pointing to rahul folder. This looks very similar to FTP User Isolation, but you don’t need a folder with username i.e. Windows User account (SAM Account) to validate on the content folder.
Hope this helps,
Vivek Kumbhar
Quote of the day:
Man is equally incapable of seeing the nothingness from which he emerges and the infinity in which he is engulfed. - Blaise Pascal