I've got a boxed app called ReqLogic that installs, by default, under the default website on an IIS6 (W2k3) server in a W2k3 Forest / Domain called NewDomain.com. Directory Security for the Virutal Directory on the site is "Integrated Windows Authentication." The site itself is installed on 2 servers and inside and outside of the Default Web Site, and the results are the same.
Users in OldDomain.com can access this site...no problem...their Windows credentials are passed to the application and if they are a user, the Login screen takes those creds and passes them right in. This is a older W2k Native Domain and the users actually cross into the new domain where the IIS6 server is to obtain the website.
***Problem - users that reside in the new domain with new W2k3 accounts in the W2k3 domain/forest can't access this Virtual Directory. The webserver resides in the same domain as the user accounts, but we get the Event ID: 529 errors like Kerberos can't cross the domains.
Can anyone shed some light on this please.
Event ID: 529
Reason: Unknown user name or bad password
Logon Type: 3
Logon Process: Kerberos
Authentication Package: Kerberos
Workstation Name: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 10.10.58.49
Source Port: 2841