I would like to setup a central Mecurial repository on a Windows 2008 server which only allows both push and pull access to certain users. This is to allow developers working remotely to push/pull changes through the central repository while working remotely.
SnapOverflow
This situation is fairly well documented. Check out the "Collaborating with other people" section of the very useful HG Book.
In short, you can configure ssh access to the Mercurial repository, and limit access to specific users.
Some more reference guides:
We have mercurial running on Windows Server 2003 and IIS. It is working well for us.
For access control, you have two main options:
You can mix and match these solutions for even more control.
This 4 part blog post I wrote a few months back should get you up and running, I wrote it for Windows Server 2003 and IIS, but the techniques are mostly the same:
http://www.endswithsaurus.com/2010/05/setting-up-and-configuring-mercurial-in.html
You'll come across a couple of minor differences on IIS 7, but the theory is all the same.
It covers everything, from the basics of installing and configuring Mercurial for IIS, to Active Directory integration, ISAPI rewriting to hide ugly URLs, customization of the UI to make it look prettier. It should get you up and running.
That's how I've set it up on mine -- Mercurial (hg) with active directory
You can try HgLab: it's a hosted Mercurial server with pull and push support, access control and Active Directory integration.