After installation of the CML application, the files that provide its administration functionality reside in a separate directory on the Web server. This subdirectory is a child of the virtual directory in which the CML application runs: http:// … /FmLib/Admin.
You can restrict access to this directory using the Internet Service Manager, a Microsoft Management Console (MMC) snap-in for IIS 4.0). This snap-in is installed when you install IIS on your Web server. IIS enforces this type of access restriction.
Because the Admin directory contains all the Active Server Pages (ASP) files that provide administration functionality, such as maintaining the library, denying access to it puts all these administrative actions out of reach at once. These settings are effective for all child directories of the Admin directory as well, such as the Adnmat directory. (The ASP files in this directory provide the functionality for adding new materials to the FmLib database.)
You can also keep specified individuals from performing specific administrative actions; see Restricting Access Using File Permissions.
Before you restrict access to the Admin directory, you need to decide who will be granted access as an administrator. Although you could grant access to these people individually, it is recommended that you create a local group for them using the User Manager of Windows NT Server. Then you can grant this local group access to the Admin directory using the Restricting Access Using Folder Permissions procedure in the Deployment section.
As new people appear who need general administrator privileges, add them to a group that has been granted directory permissions. Similarly, remove from the group people who no longer need administrative access to the CML application. For more information, see Granting Windows NT Permissions.
When a user attempts to open a restricted page, the IIS Web server generates an error. The CML application changes these generic error messages into more friendly error messages; see Displaying Run-Time Errors.