IIS Basic Authentication in Cross Realm Environment
Posted on 2007-11-30
- I have a Windows 2003 Active Directory Server for DOMAIN1.
- It is also configured for cross realm authentication on DOMAIN2 with a user mapping from *.DOMAIN2 to *.DOMAIN1.
- An account for User1 is present is both domains.
What is working:
When I log on through RDP from a non-domain computer to the Active Directory with the DOMAIN2 credentials of User1, the authentication succeeds.
When I configure IIS for Basic Authentication, and set the default domain to DOMAIN2, the authentication fails with a 401 error. When I sniff the kerberos traffic however, I can see a successful authentication to the DOMAIN2 KDC. When using the DOMAIN1 credentials for User1, the authentication succeeds.
How can I achieve cross realm authentication in IIS?
Thanks is advance!