This step is optional. If you are happy that anyone with a Windows user name can use the Portal you do not need to follow this section.
Basic authentication works by restricting access to the files that are served up by IIS. This is different to Windows authentication, which impersonates the logged-on user, and uses SQL Server’s built in security to restrict access to the data.
To make use of Basic authentication we need to disallow users from accessing the files
that make up the Portal web application.
- In IIS Manager, select the Portal node (or your chosen virtual directory
name if you chose a different one during installation) and open Authorization
Rules under IIS – Do not confuse this with .NET Authorization Rules.
Remove the rule that allows all users to have access.Figure 1. IIS Manager - Authorization RulesNow you can grant access for specific users to use the Portal web application.
- Select the option to Add Allow Rule. Select Specified users and
enter the user name that you want to grant access to.Figure 2. IIS Manager - Add Allow Authorization Rule
- By using the Specified roles or user groups option we can grant access to
a Windows domain group. In the screen shot below we can see that access has been
granted to the domain user DOMAIN1\User1 and to the domain
group DOMAIN1\Developers.Figure 3. IIS Manager - Authorization Rules: Domain Groups
- The user will be prompted for their credentials when attempting to access the Portal.Figure 4. Syncsort™ Capacity Management Portal - Provide credentials
This allows the user to access the Syncsort™ Capacity Management Portal but IIS still needs access to the Capacity Database.