Use this tab to set IIS security features to confirm the user identity of users before granting access to restricted content.
Authentication and access control
This setting allows you to configure your Web server to confirm the user identity of users before assigning access to restricted content. Before your Web server can authenticate users, however, you must first create valid Windows user accounts and then configure the NTFS directory and file permissions for those accounts.
Click to configure your Web server's authentication and anonymous access features.
IP address and domain name restrictions
This setting allows you to assign or deny specific users, computers, groups of computers, or domains from accessing this Web site, directory, or file based on IP address or domain name.
Click to add settings that set restrictions on or deny access to this Web site, directory, or file by specific users, computers, groups of computers, or domains.
Windows provides means to secure communication between the client and the Web server using server certificates and certificate mapping. You can implement secure communications by enabling Windows directory service mapping, which allows you to use the directory service client-certificate mapping rather than one-to-one or many-to-one mapping. To enable this service, the server must be a member of the Windows® Server 2003 domain.
Enable the Windows directory service mapper
Select to use directory service client-certificate mapping rather than one-to-one or many-to-one mapping. To enable this service, the server must be a member of the Windows Server 2003 domain. This option is available only when editing properties for all Web sites.
When editing properties for a specific Web site, the following options are available:
Click to start the Web Server Certificate Wizard and obtain a server certificate.
Click to view the server certificate (if there is one installed) for this Web site.
Click to enable communication settings such as certificate acceptance, certificate mapping, and the certificate trust list.
To learn more about user authentication in IIS, access control, certificates in IIS, and mapping client certificates to user accounts, see the