Since more clients are asking me about the same issue, here is the answer below!
Even though Microsoft has done a great job on improving the user interface in SharePoint 2007, some things are still buried and require a little "black magic" to get done. In this entry I'll show you how to enable anonymous access on your site.
First, you need to enable anonymous on the IIS web site (called a Web Application in SharePoint land). This can be done by:
- Launching Internet Information Services Manager from the Start -> Administration Tools menu
- Select the web site, right click and select Properties
- Click on the Directory Security tab
- Click on Edit in the Authentication and access control section
Instead we'll do it SharePoint style using the Central Administration section:
- First get to your portal. Then under "My Links" look for "Central Administration" and select it.
- In the Central Administration site select "Application Management" either in the Quick Launch or across the top tabs
- Select "Authentication Providers" in the "Application Security" section
- Click on the "Default" zone (or whatever zone you want to enable anonymous access for)
- Under "Anonymous Access" click the check box to enable it and click "Save"
NOTE: Make sure the "Web Application" in the menu at the top right is your portal/site and not the admin site.
You can confirm that anonymous access is enabled by going back into the IIS console and checking the Directory Security properties.
Now the second part is to enable anonymous access in the site.
- Return to your sites home page and navigate to the site settings page. In MOSS, this is under Site Actions – Site Settings – Modify All Site Settings. In WSS it's under Site Actions – Site Settings.
- Under the "Users and Permissions" section click on "Advanced permissions"
- On the "Settings" drop down menu (on the toolbar) select "Anonymous Access"
- Select the option you want anonymous users to have (full access or documents and lists only)
Now users without logging in will get whatever option you allowed them.
A couple of notes about anonymous access:
- You will need to set up the 2nd part for all sites unless you have permission inheritance turned on
- If you don't see the "Anonymous Access" menu option in the "Settings" menu, it might not be turned on in Central Admin/IIS. You can manually navigate to "_layouts/setanon.aspx" if you want, but the options will be grayed out if it hasn't been enabled in IIS
- You must do both setups to enable anonymous access for users, one in IIS and the other in each site
Hope that helps!
Thanks for http://weblogs.asp.net/bsimser/ for his awesome useful post.