Solved

Using Integrated Windows authentication with a Login Box

Posted on 2009-05-13
9
497 Views
Last Modified: 2013-12-04
We need to use integrated windows authentication on our website for some users, but we want all users to be challenged by a login box like the one that is used by digest authentication.  Is there a way to do this?
0
Comment
Question by:jimmydea
  • 3
  • 3
  • 2
9 Comments
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 300 total points
ID: 24381575
When you use Windows Authentication, IE will automatically try to log on any user who is on a client computer that belongs to the same domain as the server web site.  So, if you're users are in 'domain.com' and the website is 'www.domain.com' IE will automatically log them in.   To be honest, that is a great security feature because the less often the user types their password it lowers the chance of a keyboard logger capture the password.  For example, 'clickjacking' will only work after a user has logged on.

If you want to always show this dialog, then you need to change the IE default settings using Group Policy objects.
0
 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 200 total points
ID: 24383954
If you are using Windows Integrated Authentication why do you need a login box?
If a user is not a member of the domain, or the credentials they are logged into the work station with do not authenticate then they will get either an access denied or the login box.  But if they have permission to access the page then they will be let in.

So, back to the initial question ... why the login box requirement?  If we know this we might be able to come up with some other suggestions that you can implement.
0
 

Author Comment

by:jimmydea
ID: 24383971
Because that's what the boss wants.  I know it sounds dumb, and I have explained this to him for over a week, but thats what he wants.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:jimmydea
ID: 24383988
Tedbilly, what setting in IE
0
 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 200 total points
ID: 24384053
Take a look a this ... this might allow you to do what you need to do ...
http://support.microsoft.com/kb/326340
0
 
LVL 51

Assisted Solution

by:Ted Bouskill
Ted Bouskill earned 300 total points
ID: 24392603
I'm not a Group Policy Object expert so I can't help with the details, however I know that these settings can be automatically managed when users log on.  It would automatically turn off the automatic logging.

If you want to test it yourself, go to the 'Security' tab in IE options, then select the 'Local Intranet' zone and turn off automatica logon.  Do the same for 'Trusted Sites'.  That will force the dialog to show all the time.
0
 

Author Comment

by:jimmydea
ID: 24704606
No longer an issue, thanks for help
0
 
LVL 51

Assisted Solution

by:Ted Bouskill
Ted Bouskill earned 300 total points
ID: 24704704
Even if the issue is resolved, we answered your question and points should be awarded.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now