Server Anonymous Access

In order to search an Internet Information Server web site, users require anonymous access to the web server. Specifically, users must have access to the Information Server URLs involved with searching, and anonymous access is the most basic and easiest to implement on a wide-scale. However, simply allowing anonymous access to the entire web site may not be an option to those who consider it a security risk.

Setting Anonymous Access for Information Server URLs

In order to preserve security for the rest of your web site, while allowing users to search it, Information Server provides a command-line utility for creating a user account under which Information Server URLs are accessed. You can also specify the user account during installation. If you chose not to specify anything during installation, and you have not allowed general anonymnous access, you will need to use the command-line utility to specify a user account before users are allowed to search your web site. If you leave anonymous access off, and do not specify a user account for Information Server, users will be prompted for a Windows NT user name and password when they try to access a Information Server search form. If they do not have a Windows NT user account, they will be denied access.

NOTE: Document access, when users click a results link to view a document, is still secured by Windows NT file security when under the NTFS file system.

setanon.exe

The setanon.exe command-line program allows you to create a Windows NT user account for accessing Information Server URLs. It is included with Information Server, and can be found in installdir/_nti31/admin, where installdir is the full path to the directory in which you installed Information Server.

NOTE: You must be a user with Windows NT administrative privileges to use setanon.exe.

setanon.exe Options

Option
Description

user
Required. Specifies a Windows NT user account. Remember to use -create if you are not specifying an existing user account.

password
Required. Specifies the password for the user account.

-create
Optional. Specifies that the Windows NT user account be created. If you do not specify -create and the Windows NT user account does not exist, setanon.exe displays an error message.

Using setanon.exe

Once you have installed Information Server V3.6, and you have neither enabled Allow Anonymous for Internet Information Server, nor specified a Windows NT user account for anonymous access to Information Server during installation, then you must use setanon.exe to specify a user account to allow users to search your web site without having to have separate Windows NT user accounts for each searching user.

The syntax for setanon.exe is shown below, where installdir is the full path to the directory to which you installed Information Server V3.6. For example, C:\Program Files\Verity\IS.

To specify an existing user account for anonymous search access to your web site:

: installdir\s97is\admin>setanon existinguser password

To specify a user account, and create it, for anonymous search access to your web site:

: installdir\s97is\admin>setanon newuser password -create

Note that after using setanon.exe, you must restart Internet Information Server using the Internet Service Manager.

Copyright © 1998, Verity, Inc. All rights reserved.