Securing a website using IIS

If your organization has custom websites that need to be secured quickly and easily, you can use the IIS internal authentication and authorization rules.

First make sure that your host server is set up to utilize Windows Authentication.  In Roles and Features  > Server Roles > Web Server (IIS) > Security, install “Windows Authentication”.

Once Windows Authentication is installed, select your site in IIS and select “Authentication”

Set Windows Authentication to enabled

Go back to your website, and select “Authorization Rules”

From here, you can give access to individual users or Active Directory groups.  The users will be presented with a Microsoft credentials dialog, and they will log in with their Windows credentials.