IIS Authentication


I host a website on a Windows 2000 Server using IIS. We are using SSL and have a certificate that we purchased. IT is XXX.XXX.domain.com. Domain.com is an external domain we use. Our internal Active Directory domain is something completely different. We use the following zone xxx.domain.com for all service that must be accessible from inside our network and from the outside. We have the xxx.domain.com configured on our internal DNS servers. This site works fine from the inside and from the outside. However i would like to eliminate the username / password prompt when users logon from the inside. If internally we use https://servername/ there is no username password box only a certificate warning (which is normal).

Is there any way to get https://xxx.xxx.domain.com to not prompt for a username password internally???

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Irwin SantosComputer Integration SpecialistCommented:
"Is there any way to get https://xxx.xxx.domain.com to not prompt for a username password internally???

It's one or the other. so "no'
inf2300Author Commented:
Thanks for the response... What if i use ADSI Edit and add a UPN suffix so that users can logon to AD using user@xxx.domain.com as well as the internal domain. Do you know fi this would eliminate the prompt??
Chris DentPowerShell DeveloperCommented:

Is the Webserver part of your Domain? If it is and the users have NTFS type permissions set on the site then you should just be able to enable Integrated Windows Authentication in IIS to allow IE to pass the current user details.

IE is mentioned above as it's the only browser integrated authentication works in.

IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

inf2300Author Commented:
Thanks Chris for the response.

The NTFS permissions are set & i am using IE. But i still get the username password prompt
Chris DentPowerShell DeveloperCommented:

Does https://xxx.xxx.domain.com give you the public IP for the site? If so it's probably going to be breaking Integrated Auth...

inf2300Author Commented:
ok... sorry for the question... I feel stupid. All that had to be done was add xxx.xxx.domain.com to my Local Intranet Sites in IE. I did it and it works. I apllied it to everyone via GPO.

Thanks for the replies
Chris DentPowerShell DeveloperCommented:

hehe well at least it's working now.

PAQed with points refunded (500)

Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.