When you register an Internet Information Services (IIS) 5.0 server with Resource Manager, Microsoft Provisioning System creates a hosting folder on the IIS 5.0 server. This topic describes the access control entries ACEs that Microsoft Provisioning System sets on the hosting folder. For more information about the tasks that Microsoft Provisioning System performs while registering resources and provisioning Web services, see Internet Information Services 5.0 hosting configuration.
The following ACE prevents any user accounts from accessing the contents of the folder, unless explicitly granted this right:
Remove Everyone
The following table describes the ACE that gives admins@hosting and csradmins@hosting groups full control over the hosting folder and all of its subfolders:
| Trustees | Permission | Apply To |
|---|---|---|
| admins@hosting, csradmins@hosting | Special | This object and all child objects |
| Permission | Allow | Deny |
| Full Control | GENERIC_ALL |
The following table describes the ACEs that give AllResellerAdmins and AllResellerCSRAdmins groups the ability to create a content folder for a Web site within the hosting folder:
| Trustees | Permission | Apply To |
|---|---|---|
| AllResellerAdmins; AllResellerCSRAdmins | Special | This object only |
| Permission | Allow | Deny |
| Synchronize | SYNCHRONIZE | |
| Create Folders | FILE_ADD_SUBDIRECTORY | |
| Delete Folders | FILE_DELETE_CHILD | |
| List Folder | FILE_LIST_DIRECTORY | |
| Traverse Folder | FILE_TRAVERSE |