Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Installed application on NT 2000 SP4 with IIS.  Unchecked allow anynonmous connection so user would have to be authenticated via Actice Directory.  Web pages does not request username / password

Posted on 2006-07-20
3
179 Views
Last Modified: 2013-12-04
I have recently installed an application on a W2K IIS server and want all users to authenticate to use the web page.  I have disabled the anynonmous check box but the page still does not request the user to login.  Any help is greatly appreciated.
0
Comment
Question by:kwh3856
3 Comments
 
LVL 25

Accepted Solution

by:
mikeleebrla earned 250 total points
ID: 17149107
did you check 'integrated windows authentication' at the bottom of that page on the IIS settings?
0
 
LVL 2

Assisted Solution

by:masoncooper
masoncooper earned 250 total points
ID: 17156250
The users may have "Automatic login only in Intranet Zone" turned on.
On the client machines, go to IE > Tools > Security Tab > Click Local Intranet > Custom Level
Scroll to the bottom where it says "User Authentication"
"Automatic login only in Intranet Zone" Means that it will always try and log on using current credentials first when in the intranet zone, if that fails, it prompts for username/password.  If you change it to "Prompt for user name and password" they will always be prompted.

You might also have to check the other security zones for this setting as well just in case.
0
 

Author Comment

by:kwh3856
ID: 17158409
Many thanks to each of you responding.  Each one of you had good answers but were not correct.  I wanted to split the points to each of you for responding to my question.  The solution to the problem was actually right in front of me.  I had set the security so only Integrated NT users could access the web site.  It did not dawn on me that the only users of this web site were internal users who by default authenticate to the domain, thereby no request would me made to that user to login because they had already been authenticated to the domain.  We tested this by logging in locally to a workstation and then accessing the web site.  The web site then requested the user to authenticate.  As they say, sometimes you are just two close to the forest to see the trees.

Thanks
Kenny
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PGP key : industry standard 2 77
how to mitigate against $ theft from ATM machines 5 140
should I worry about this? 6 102
Possibility of Outlook running on Linux 6 255
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question