Required Web Server Folder Permissions

This article will show what folder permissions are required in order for users to be able to access the site.

To start, you will need to be remoted into the web server where the Intranet is being hosted. To confirm which folder contains the Intranet folder, check within IIS to find the location.

To do this:

  1. Open IIS (Internet Information Services Manager)
  2. Select your web site from the list on the left
  3. Click ‘Basic Settings’ from the right nav
  4. Locate the physical path as shown in the image below:


Now that you have the location, navigate to the folder level above your Intranet folder.

Apply permissions to the Intranet folder directly:

1) Right-click on the Intranet folder

2) Click Properties

3) Click the ‘Security’ tab

4) Click ‘Edit’ under the Group or user names section

5) Add the IIS_IUSRS account

  • Select the location as the server itself (not through your domain)
  • This local user can be found by typing iis_iusrs into the ‘Enter the object names to select’ field. Refer to this image:

6) Include the ‘Write’ permission in addition to Read & Execute, List folder contents, and Read

7) Confirm the changes to get back to the Security tab window

  • Push the changes down to all child folders
  • Click Advanced under the ‘Permissions for IIS_IUSRS’ section: 
  • Click ‘Change Permissions': 
  • Select the IIS_IUSRS line and check the box for ‘Replace all child object permissions with inheritable permissions from this object’ as shown on the following image: 
  • Click ‘Apply’ to save these changes
  • Once changes have taken effect, confirm your changes by clicking ‘OK’ to close out each additional window.

8) Test your site to make sure users can access the site externally


Referenced by:

Have more questions? Submit a request


Article is closed for comments.