Adobe 38043740 Lockdown Guide - Page 42
the IIS Application Pool, Folder, Permission
 |
UPC - 883919135168
View all Adobe 38043740 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 42 highlights
The IIS Application Pool user (iisservice in our examples) must also have permission access the Tomcat IIS connector. Grant this user permission to the \config\wsconfig\ directory in your ColdFusion installation directory. Folder Permission {coldfusion-home} Full Control {coldfusion-home} {coldfusion-home}/config/wsconfig/ {coldfusion-home}/cfusion/wwwroot/CFIDE Full Control • List folder / read data • Read attributes • Read extended attributes • Read permissions • List folder / read data • Read attributes • Read extended attributes • Read permissions The ColdFusion IIS connector writes logs to a file called isapi_redirect.log - the IIS Application Pool user (iisservice in our example) needs write permission to this file. You may consider changing the location of this file, which is defined in the isapi_redirect.properties file to a directory elsewhere. Note: if you choose to run Anonymous Authentication through the Application Pool user then IUSR does not need permission to these files. Note: if you are setting up multiple instances of ColdFusion or multiple connectors you will need to repeat this step for each connector. Each connector instance is placed in a subdirectory of {coldfusionhome}/config/wsconfig/ with a number (starting with 1 by default). 42
-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37 -
38 -
39 -
40 -
41 -
42 -
43 -
44 -
45 -
46 -
47 -
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
 |
 |
