Windows Server 2003上的IIS管理器IIS6权限管理

时间:2021-08-31 05:04:40

We are using a dedicated hosting provider to host several of our public websites. There are two development teams/divisions within our company who each maintain public websites on these same servers. Is there a way through ACLs or some sort of rights management (e.g. individual logins) that I would only be able to see and maintain only my public sites and the other development team could only see and maintain their sites?

我们使用专门的托管服务提供商来托管我们的几个公共网站。我们公司内部有两个开发团队/部门,每个团队/部门都在这些服务器上维护公共网站。有没有办法通过ACL或某种权限管理(例如个人登录),我只能看到和维护我的公共网站,而其他开发团队只能查看和维护他们的网站?

Thanks!

Chris

1 个解决方案

#1


1  

Sure - File ACLS is probably the way to go, if you've got access to the server.

当然 - 如果你有权访问服务器,文件ACLS可能就是这样。

You can set up a directory called Site1 and ACL Change rights to a local Group "LG-Site1" with the appropriate users, and directory Site2 with change rights for group "LG-Site2".

您可以为具有相应用户的本地组“LG-Site1”和具有组“LG-Site2”的更改权限的目录Site2设置名为Site1和ACL更改权限的目录。

You do state that you want to only see your site, not the other site - the challenge with this is that if you are logging in to the server, you probably have admin rights, or at least rights up to the point where anything you do to lock yourself out of the Site2 directory can be reversed - either by temporarily granting your self rights or adding your self to LG-Site2. Not necessarily a show stopper, but certainly a consideration.

你确实说你只想看到你的网站,而不是其他网站 - 这样做的挑战是,如果你登录到服务器,你可能拥有管理员权限,或者至少是你做任何事情的权利将自己锁定在Site2目录之外可以通过暂时授予您的自我权利或将自己添加到LG-Site2来实现。不一定是表演限制,但肯定是一个考虑因素。

You can also set up FTP so that each dev team can publish to their directory, but not get in to the other.

您还可以设置FTP,以便每个开发团队都可以发布到他们的目录,但不能进入另一个目录。

#1


1  

Sure - File ACLS is probably the way to go, if you've got access to the server.

当然 - 如果你有权访问服务器,文件ACLS可能就是这样。

You can set up a directory called Site1 and ACL Change rights to a local Group "LG-Site1" with the appropriate users, and directory Site2 with change rights for group "LG-Site2".

您可以为具有相应用户的本地组“LG-Site1”和具有组“LG-Site2”的更改权限的目录Site2设置名为Site1和ACL更改权限的目录。

You do state that you want to only see your site, not the other site - the challenge with this is that if you are logging in to the server, you probably have admin rights, or at least rights up to the point where anything you do to lock yourself out of the Site2 directory can be reversed - either by temporarily granting your self rights or adding your self to LG-Site2. Not necessarily a show stopper, but certainly a consideration.

你确实说你只想看到你的网站,而不是其他网站 - 这样做的挑战是,如果你登录到服务器,你可能拥有管理员权限,或者至少是你做任何事情的权利将自己锁定在Site2目录之外可以通过暂时授予您的自我权利或将自己添加到LG-Site2来实现。不一定是表演限制,但肯定是一个考虑因素。

You can also set up FTP so that each dev team can publish to their directory, but not get in to the other.

您还可以设置FTP,以便每个开发团队都可以发布到他们的目录,但不能进入另一个目录。