Solved

Windows Integrated Authentication will not work.

Posted on 2009-05-13
4
758 Views
Last Modified: 2012-05-06
Windows Server 2003 IIS 6 supports integrated authentication. Theoretically it should pass the authenticated username and password to IIS when anonymous access is turned off and windows integrated authentication and basic authentication are enabled. The server is an Active Directory server with computername "computername". The domain name is subdomin.domain.com. When I browse to https://domain.subdomain.com I continue to get prompted for the username and passsword.Well,,,the password is all I have to enter to get in successfully but it won't save it. The user name I don't have to change in any way and I do not recieve any logon errors in eventvwr. The application is a sql web app and when I add the site to the trusted sites list I no longer get prompted for credentials...however, I get the messaage "do you want to display secure and non secure items"? Of course I say yes and I only get half the page...that is I get the banner for the app but not the log in  console portion of the app. Where te login portion of app should be is an error messge saying the web site could not be displayed go to the home page subdomain.domain.com and try to find it.

If anyone has experience with this type of issue I would appreciate the feedback.

Oh ya, Browser is version 6.0

Thanks.
0
Comment
Question by:smartsystemsinc
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
wolfcamel earned 250 total points
ID: 24374647
check also the folder security for the home folder for the site.
0
 
LVL 1

Assisted Solution

by:drgonzo1967
drgonzo1967 earned 250 total points
ID: 24374831
Hey smartsystemsinc,
This seems more like an IE settings issue.  First off add the site to 'Trusted Sites'.  Then click 'Custom Level' button on in the 'Security Level for this Zone' box.  Scroll to the bottom and click the radio button under Logon that states 'Automatically logon with current username and password'.  That should let you pass through.  Hope this helps!

-gonzo
0
 

Author Comment

by:smartsystemsinc
ID: 24375751
Thanks for responding.

I have checked permissions and given users full control on the folder with no change in symptoms.

I have also done as drgonzo1967 suggested (seemed logical to me). No joy, the pass username and password box is already checked for trusted zone.

If I connect with https....I am authenticated. If I connect with http I am not authenticated and I do not see the entire page (login missing).

Shouldn't  I get same behavior no matter the the url? I have tried localhost...loopback (127.0.0.1), netbios name of server..dns name...everything.

Each time I get  a little diffferent result since the realm  in IIS is set to subdomain.domain.com so anything but subdomain.domain.com as a connect url will not authenticate correctly no matter what I type in username /password field. And where I connect with the correct subdomain.domain.com I just put the password in and I am through, but it will not automatically authenticate.

This is a TSS box...Don't know if that matters or not.

Hmmm...still stumped.
0
 

Author Closing Comment

by:smartsystemsinc
ID: 31580966
Thank you for your inputs. Your inputs help me narrow down the appropriate behavior for the broswer in this implemmentation. The actula problem was with Web Extensions. Since authentication was enabled, the configured web extensions could nto work.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now