PHP IIS Authenticated Access to network drive files

Question

I am trying to set up access to mdb file located on a local network drive using PHP. Currently when trying to access '//servername/folder/file', server says 'Access restricted', which is understood because web-user does not have access to it.

1. Is it possible in IIS to set up 'read only' permissions to specific file on a network drive (restricting any other permissions to any other files/folders on that drive), is mounting required or not?

2. Can such access be authenticated with password? (implementation should not affect other local users ability to access this network drive).

3. Any tips will be highly appreciated! ( Basically PHP needs to access (read only) a single file located on shared drive but that access should be max secured)

Thank you!

Answer 1

Regarding some of your questions, I will give the following answers:

First of all, there is no need to install third-party plugins to set "read-only" permissions on specific files on network drives in IIS.

If you want to access a specific file in the shared folder of server B through a UNC path in server A and only have read-only permission on the file, you can do the following:

1?Create a user name on ServerA, and put the user into the IIS_IUSRS group; also create the same user name and password in ServerB (must be the same, otherwise UNC authentication will not be able to log in)

2?Create a shared folder in ServerB. In the share settings, add read permissions for the IIS_ShareUser user (if you need to store things, add the write permission)

3?Create a virtual directory on the site in serverA with the path pointing to \\serverB\images, connect as a specific user, manually enter a new username and password.

4?Select the application pool corresponding to the site in server A, find the identity option in the advanced settings, drop down to select custom account, set a new user name and password, so that you can access the files in server B through the UNC path in server A.

5?If you need to set the "read-only" permission to a specific file on the network drive and restrict any other permissions of other files, you can set the permissions under the user name for the specific file in server B.

In addition, regarding your second question, IIS directly uses the identity in the application pool to access by default. If you want to enter the user name and password before accessing the shared file, you need to write code in the program to implement the pop-up box to enter the user name and password.