Web Viewer Security
Web Viewer Security |
|
|
You may secure the Web Viewer against unauthorized usage or access in three ways: 1.Securing Internet Information Server (IIS) - Microsoft has a security checklist for Internet Information Services on Technet for all supported IIS versions. This document should be carefully reviewed, and steps should be taken to secure this IIS server. 2.ELM Virtual Directory Security - In IIS, in the ELM Virtual Directory properties, the Authentication Methods should have only Integrated Windows authentication enabled. All other methods should be unchecked. 3.Securing Containers and Items in the ELM Console - You can use native Windows access control lists (ACLs) to secure containers or individual items. Security is enforced in the Web Viewer by requiring Integrated security on the IIS Virtual Directory. Anything you configure in the ELM Console will apply to Web Viewer users as well. 4.DCOM Security - Windows Component Services can be used to restrict or grant access for remote Web Viewer users. To grant access: 1.Launch DCOMCNFG on the ELM Server computer. 2.Expand Component Services | Computers | My Computer | DCOM Config. 3.Right-click the TNT Software ELM Enterprise Manager Server application and select Properties. 4.Select the Security tab. 5.Under Launch and Activation Permissions, select Custom and click the Edit button. 6.Add the user requiring ELM Web Viewer access and grant the account Allow permissions for all settings.
When installing the ELM Web Viewer with IIS 6 or Earlier:•ACLs are set on the WebSite directory. •ASP.NET 2.0 is enabled.
When installing the ELM Web Viewer with IIS 7 or Later:•ACLs are set on the WebSite directory. •Website and the virtual directory are allowed to override windows and anonymous authentication. •Website and the virtual directory are allowed to override default documents. •Website and the virtual directory are allowed to override handlers. When installing the ELM Web Viewer on a 64-bit OS:•32-bit application pooling is enabled.
Note |