Solved

Using Integrated Windows authentication with a Login Box

Posted on 2009-05-13
9
494 Views
Last Modified: 2013-12-04
We need to use integrated windows authentication on our website for some users, but we want all users to be challenged by a login box like the one that is used by digest authentication.  Is there a way to do this?
0
Comment
Question by:jimmydea
  • 3
  • 3
  • 2
9 Comments
 
LVL 51

Accepted Solution

by:
tedbilly earned 300 total points
ID: 24381575
When you use Windows Authentication, IE will automatically try to log on any user who is on a client computer that belongs to the same domain as the server web site.  So, if you're users are in 'domain.com' and the website is 'www.domain.com' IE will automatically log them in.   To be honest, that is a great security feature because the less often the user types their password it lowers the chance of a keyboard logger capture the password.  For example, 'clickjacking' will only work after a user has logged on.

If you want to always show this dialog, then you need to change the IE default settings using Group Policy objects.
0
 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 200 total points
ID: 24383954
If you are using Windows Integrated Authentication why do you need a login box?
If a user is not a member of the domain, or the credentials they are logged into the work station with do not authenticate then they will get either an access denied or the login box.  But if they have permission to access the page then they will be let in.

So, back to the initial question ... why the login box requirement?  If we know this we might be able to come up with some other suggestions that you can implement.
0
 

Author Comment

by:jimmydea
ID: 24383971
Because that's what the boss wants.  I know it sounds dumb, and I have explained this to him for over a week, but thats what he wants.
0
 

Author Comment

by:jimmydea
ID: 24383988
Tedbilly, what setting in IE
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 200 total points
ID: 24384053
Take a look a this ... this might allow you to do what you need to do ...
http://support.microsoft.com/kb/326340
0
 
LVL 51

Assisted Solution

by:tedbilly
tedbilly earned 300 total points
ID: 24392603
I'm not a Group Policy Object expert so I can't help with the details, however I know that these settings can be automatically managed when users log on.  It would automatically turn off the automatic logging.

If you want to test it yourself, go to the 'Security' tab in IE options, then select the 'Local Intranet' zone and turn off automatica logon.  Do the same for 'Trusted Sites'.  That will force the dialog to show all the time.
0
 

Author Comment

by:jimmydea
ID: 24704606
No longer an issue, thanks for help
0
 
LVL 51

Assisted Solution

by:tedbilly
tedbilly earned 300 total points
ID: 24704704
Even if the issue is resolved, we answered your question and points should be awarded.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now