?
Solved

Integrated Windows authentication is not working in IE

Posted on 2008-10-22
5
Medium Priority
?
1,886 Views
Last Modified: 2012-05-05
We have an intranet.  To control access to it, we use cheap IIS integrated windows authentication.  When going to the address -- 10.18.10.100/employee_intranet -- Firefox users get a login prompt.  When IE users go to that address, they immediately receive my custom unauthorized page.  What can I do to fix this?
intranet.jpg
0
Comment
Question by:mrcoulson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 37

Expert Comment

by:meverest
ID: 22784588
Hi,

probably those IE users are logged in to a domain that does not have rights to the web content.

try disabling windows auth and enable only basic auth.

Cheers.
0
 

Author Comment

by:mrcoulson
ID: 22785119
But doesn't basic authentication send only with clear text?  I don't know if I want our user's passwords flying around the internet like that.
0
 
LVL 37

Expert Comment

by:meverest
ID: 22791342
Yes,

generally, if you want security at all, then you will want to use ssl to encrypt your access credentials - ALL of them, even windows integrated.

Cheers.
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 22793285
Use a fully qualified domain name for the website that matches the client computers domain. Then IE will recognize the site as a 'Local Intranet' site and log in automatically.

Otherwise add the site in the 'Trusted Sites' zone and set 'Automatic Login' for trusted sites.

Don't use SSL for your intranet (too much overhead) and you are correct, Basic Authentication isn't secure and adding SSL to compensate is overkill.

By the way, to setup auto login in FireFox type 'about:config' in the address bar.  Then in the Filter text box type 'NTLM' and some options will show up.  There is one you can add trusted domains to automatically log in.
0
 

Accepted Solution

by:
mrcoulson earned 0 total points
ID: 23102140
I just told IIS to reject all except a range of IP addresses which match our internal network and some remote sites.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Logparser is the smartest tool I have ever used in parsing IIS log files and there are many interesting things I wanted to share with everyone one of the  real-world  scenario from my current project. Let's get started with  scenario - How do w…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question