susnewyork
asked on
Need help with cross-domain IIS authentication
Hi, I have two Windows2003 AD domains with a two way trust between them.
In domain A I have a website which I only want specific security groups in each domain to be able to view.
The whole point is that I don't want users in either domain to be prompted for credentials when they visit the site. If they are logged in to the domain then they should be automatically authenticated.
On the IIS server in domain A, I have configured the website to use integrated Windows authentication" and disabled anonymous access.
I then added the approved security groups from Domain A and Domain B to the permissions list of the website.
The solution works well in Domain A. If you are in the correct security group then the website loads automatically.
However in Domain B, the user is prompted regardless of the fact that they are in an approved security group in IIS.
How do I have then authenticate automatically?
In domain A I have a website which I only want specific security groups in each domain to be able to view.
The whole point is that I don't want users in either domain to be prompted for credentials when they visit the site. If they are logged in to the domain then they should be automatically authenticated.
On the IIS server in domain A, I have configured the website to use integrated Windows authentication" and disabled anonymous access.
I then added the approved security groups from Domain A and Domain B to the permissions list of the website.
The solution works well in Domain A. If you are in the correct security group then the website loads automatically.
However in Domain B, the user is prompted regardless of the fact that they are in an approved security group in IIS.
How do I have then authenticate automatically?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Excellent answer. Solved my problem. Not sure I would have checked for Local Intranet Zone