tech @ Beacon Deacon

November 20 and December 1, 2015, and January 28, 2016

Windows Server 2012 R2 Authentication by Jamie Johnson

Here are my steps to help you to set up authentication on Windows Server 2012 so that users will have to log in to see a sub-directory of a site:

  1. Go to Server Manager
  2. Click Add roles and features
  3. Click Server Selection
  4. Select a server from the server pool
  5. Next
  6. In tree nav, go to Web Server (IIS) > Web Server > Common HTTP Security
  7. Check the checkboxes beside both Client Certificate Mapping Authentication and Digest Authentication
  8. Click Next until it continues through installation
  9. Close
  10. Go to IIS Manager
  11. Drill down to the folder of interest
  12. Double-click the Authentication icon in the right pane under IIS that now shows up
  13. Click Digest Authentication
  14. On the far right column, click Enable
  15. Click Anonymous Authentication
  16. On the far right column, click Disable

However, one should not authenticate if HTTPS/SSL is not enforced. So when a certificate is in place then the following steps apply to complete setting up authentication:

  1. Open the IIS Manager
  2. Select the website on the left hand side
  3. Click on Bindings on the right hand side
  4. Click on Add
  5. Select the type as https and enter the port as 443
  6. Select the SSL certificate for the site and click OK
  7. In IIS, drill down to the folder on the site
  8. In the middle pane, double-click SSL Settings
  9. Check "Require SSL"
  10. Click Apply on the far right side under Actions
  11. NOTE: This will require the user to actually enter or link to the address using https: or there will be an error instead of opportunity to authenticate to the page.

You're still not done! If you want a group or specific user to authenticate to the folder of interest, then you will have to complete these steps as well:

  1. Go to IIS Manager
  2. Select the website on the left hand side
  3. Drill down to the folder of interest
  4. Right-click the folder and convert to application
  5. Click OK when applicable
  6. Close IIS Manager
  7. Go to Explorer and navigate to the folder of interest
  8. Right-click and select properties
  9. Go to the Security Tab and click Edit
  10. Add the group or user with proper permissions
  11. Click Apply/OK when applicable

Related LinkedIn Article