Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Windows Integrated Authentication will not work.

Posted on 2009-05-13
4
Medium Priority
?
768 Views
Last Modified: 2012-05-06
Windows Server 2003 IIS 6 supports integrated authentication. Theoretically it should pass the authenticated username and password to IIS when anonymous access is turned off and windows integrated authentication and basic authentication are enabled. The server is an Active Directory server with computername "computername". The domain name is subdomin.domain.com. When I browse to https://domain.subdomain.com I continue to get prompted for the username and passsword.Well,,,the password is all I have to enter to get in successfully but it won't save it. The user name I don't have to change in any way and I do not recieve any logon errors in eventvwr. The application is a sql web app and when I add the site to the trusted sites list I no longer get prompted for credentials...however, I get the messaage "do you want to display secure and non secure items"? Of course I say yes and I only get half the page...that is I get the banner for the app but not the log in  console portion of the app. Where te login portion of app should be is an error messge saying the web site could not be displayed go to the home page subdomain.domain.com and try to find it.

If anyone has experience with this type of issue I would appreciate the feedback.

Oh ya, Browser is version 6.0

Thanks.
0
Comment
Question by:smartsystemsinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
wolfcamel earned 750 total points
ID: 24374647
check also the folder security for the home folder for the site.
0
 
LVL 1

Assisted Solution

by:drgonzo1967
drgonzo1967 earned 750 total points
ID: 24374831
Hey smartsystemsinc,
This seems more like an IE settings issue.  First off add the site to 'Trusted Sites'.  Then click 'Custom Level' button on in the 'Security Level for this Zone' box.  Scroll to the bottom and click the radio button under Logon that states 'Automatically logon with current username and password'.  That should let you pass through.  Hope this helps!

-gonzo
0
 

Author Comment

by:smartsystemsinc
ID: 24375751
Thanks for responding.

I have checked permissions and given users full control on the folder with no change in symptoms.

I have also done as drgonzo1967 suggested (seemed logical to me). No joy, the pass username and password box is already checked for trusted zone.

If I connect with https....I am authenticated. If I connect with http I am not authenticated and I do not see the entire page (login missing).

Shouldn't  I get same behavior no matter the the url? I have tried localhost...loopback (127.0.0.1), netbios name of server..dns name...everything.

Each time I get  a little diffferent result since the realm  in IIS is set to subdomain.domain.com so anything but subdomain.domain.com as a connect url will not authenticate correctly no matter what I type in username /password field. And where I connect with the correct subdomain.domain.com I just put the password in and I am through, but it will not automatically authenticate.

This is a TSS box...Don't know if that matters or not.

Hmmm...still stumped.
0
 

Author Closing Comment

by:smartsystemsinc
ID: 31580966
Thank you for your inputs. Your inputs help me narrow down the appropriate behavior for the broswer in this implemmentation. The actula problem was with Web Extensions. Since authentication was enabled, the configured web extensions could nto work.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question