I currently have a Windows Server 2003 setup to serve multiple sites via IIS. One of our directories needs to allow access to only 1 specific AD Security Group.
I know there are two ways to accomplish this. One is using IIS to add permissions and the other is to set permissions on the folder/directory itself. A script runs at night and populates the content so users only need read permissions to view it in a browser.
My question is which one is preferred?
© Server Fault or respective owner