inf2300
asked on
IIS Authentication
Hi,
I host a website on a Windows 2000 Server using IIS. We are using SSL and have a certificate that we purchased. IT is XXX.XXX.domain.com. Domain.com is an external domain we use. Our internal Active Directory domain is something completely different. We use the following zone xxx.domain.com for all service that must be accessible from inside our network and from the outside. We have the xxx.domain.com configured on our internal DNS servers. This site works fine from the inside and from the outside. However i would like to eliminate the username / password prompt when users logon from the inside. If internally we use https://servername/ there is no username password box only a certificate warning (which is normal).
Is there any way to get https://xxx.xxx.domain.com to not prompt for a username password internally???
Thanks
I host a website on a Windows 2000 Server using IIS. We are using SSL and have a certificate that we purchased. IT is XXX.XXX.domain.com. Domain.com is an external domain we use. Our internal Active Directory domain is something completely different. We use the following zone xxx.domain.com for all service that must be accessible from inside our network and from the outside. We have the xxx.domain.com configured on our internal DNS servers. This site works fine from the inside and from the outside. However i would like to eliminate the username / password prompt when users logon from the inside. If internally we use https://servername/ there is no username password box only a certificate warning (which is normal).
Is there any way to get https://xxx.xxx.domain.com to not prompt for a username password internally???
Thanks
ASKER
Thanks for the response... What if i use ADSI Edit and add a UPN suffix so that users can logon to AD using user@xxx.domain.com as well as the internal domain. Do you know fi this would eliminate the prompt??
Is the Webserver part of your Domain? If it is and the users have NTFS type permissions set on the site then you should just be able to enable Integrated Windows Authentication in IIS to allow IE to pass the current user details.
IE is mentioned above as it's the only browser integrated authentication works in.
Chris
ASKER
Thanks Chris for the response.
The NTFS permissions are set & i am using IE. But i still get the username password prompt
The NTFS permissions are set & i am using IE. But i still get the username password prompt
Does https://xxx.xxx.domain.com give you the public IP for the site? If so it's probably going to be breaking Integrated Auth...
Chris
ASKER
ok... sorry for the question... I feel stupid. All that had to be done was add xxx.xxx.domain.com to my Local Intranet Sites in IE. I did it and it works. I apllied it to everyone via GPO.
Thanks for the replies
Thanks for the replies
hehe well at least it's working now.
Chris
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It's one or the other. so "no'