Agent Guides › SAML Affiliate Agent Guide › Install a SAML Affiliate Agent › Configure the SAML Affiliate Agent for Your Web Server › How to Configure an IIS Web Server for the SAML Affiliate Agent › Modify the Directory Security Settings for the Default IIS User Account

Modify the Directory Security Settings for the Default IIS User Account

IIS does not allow any plug-in to write to a file system unless it is configured with a user account that has proper rights to do so. Therefore, to enable the SAML Affiliate Agent to create a log file on the local system, you need to modify the directory security settings for the IIS default user account.

To modify the directory security settings for the default user account

1. Open the IIS Internet Services Manager.
2. Select the Web server where the SAML Affiliate Agent is installed and right-click Properties.
3. In the Properties dialog box, click Edit to display the master properties for the WWW services.
4. In the WWW Service Master Properties dialog box, select the Directory Security tab.
5. In the group box that begins with "Anonymous access"..., click Edit.
6. In the Authentication Methods dialog box, do the following:
   1. Select Anonymous Access.
   2. Deselect Basic authentication.
   3. Deselect Integrated Windows authentication.
   4. In the Anonymous access group box, click Edit.
   5. In the Anonymous User Account dialog box, enter a name and password of a user account for access by anonymous users. Also, deselect Allow IIS to control password, then click OK.

      This account should have the "right to act as part of the operating system." Refer to Windows documentation to grant this right to a user account.

   6. Exit all dialog boxes and the Internet Services Manager.
7. When prompted, apply the security changes to all child components of the Web server.
8. Restart the Web server.

   The directory security permissions are changed.