Avatar of abillz
 asked on

IIS - Integrated Authentication with a loadbalanced website

I have an internal website that is running on IIS 6 on Windows 2003.  The website authenticates users using the Windows Integrated Authentication (Active Directory) so that users are automatically logged onto the site without having to enter a username or password.

I am trying to load balance this website by spreading it accross three other instances.  I would like to have two instances of the website running on two seperate servers, giving me four instances in total.

Here is how I have thing set up so far...
The two physical servers are named "server1" and "server2".  Each server has two seperate IP addresses; "server1" has and and "server2" has and  I have created two seperate websites in IIS on each server, and given each of the websites one of the IP addresses.  Each of the websites is configured to use Integrated authentication, and I have ensured that all of the users have the proper ACL settings on the acutal website files.  

I have also added a second DNS Host entry for each server that points to the second IP of each server; "server11" points to "" and "server2" points to "".  The primary IP of each server is already pointed to the primary server names as the somputer are registered in Active Directory and DNS.

In my head, this should work.  Here is the problem...  If I try and access any of the secondary webs using the URL like "server11/index.html" I am prompted to enter a username and password.  This is a windows prompt, it seems like the integrated authentication does not work.

My second issue is that I will be load balancing these out once it is working properly.  Will the integrated authentication still work once these are loadbalanced?
Microsoft IIS Web Server

Avatar of undefined
Last Comment

8/22/2022 - Mon

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

Thank you, that does help fill me in on how it the Authentication works, and also explains why the integrated authentication only works with Internet Explorer.

Any idea why I am prompted for credentials when I access the secondary instances on either server, but not the primary ones?  I am never asked for the primaries, not even the first time access. IE and IIS just pass the creds along and the world is great, but this is not happening for the second one.


probably those secondaries are not considered 'intranet site' by the web browser.  Windows auth is only automatic when the remote site in included in that list.  by default, only hostnames without any dots in them (i.e. http://localhost and http://server11, etc) will be considered 'intranet' zone.  Any hostname containing periods (e.g. http://myserver.com.tz,, etc) are not considered intranet sites.

This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.