Partager via


IIsIPSecurity.DomainDeny (ADSI)

The DomainDeny method gets or sets an array of domains that are not permitted to view the IIS site, service, virtual directory, or file. This is only effective if permission is permitted by default (if IIsIPSecurity.GrantByDefault (ADSI) is set to true).

[Visual Basic]
objIIsIPSecurity.DomainDeny = <array of domains>

Code Example

<%
' Remember to enable Integrated Windows authentication and
' disable Anonymous Access, or you will get a Server 500 error.
Dim SecObj
Dim MyIPSec
Dim DomainList
' Get the IIS object that holds the info for the default site.
' This could be any site root/vdir, or IIS://LocalHost/W3SVC for global
' properties.
Set SecObj = GetObject("IIS://LocalHost/W3SVC/1/Root")
' Get the IIsIPSecurity object.
Set MyIPSec = SecObj.IPSecurity
' Make sure GrantByDefault=TRUE, or your changes will not count.
If (FALSE = MyIPSec.GrantByDefault) Then
Response.Write
"<BR>GrantByDefault was not TRUE. Setting to TRUE.<BR>"
MyIPSec.GrantByDefault = TRUE
End If
' Get the Deny list as an array, and add your new restricted domain.
DomainList = MyIPSec.DomainDeny
Redim DomainList (Ubound(DomainList)+1)
DomainList (Ubound(DomainList)) = "somedomain.com"
' Set the new lists back in the metabase in two stages, and then set
' the metabase.
MyIPSec.DomainDeny = DomainList
SecObj.Setinfo
Response.Write "The IPRestriction has been set<BR>"
%>

Requirements

Client: Requires Windows XP Professional, Windows 2000 Professional, or Windows NT Workstation 4.0.

Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT Server 4.0.

Product: IIS

See Also

Concepts

IIsIPSecurity (ADSI)

Using ADSI to Configure IIS