RussoMA
asked on
IIS6 NTLM Auth - IE tries to authenicate to remote computer instead of domain?
Hi,
We haved used this exact setup at different sites before and never run into this issue. So i don't know what the problem is. Hoping an expert out there can help..
Setup is: IIS 6.0, anonymous access is disabled, integrated windows authentication is enabled on the default web site. Most everything is left at default, it is a pretty minimalist config.
Now what we expect to happen (what we've seen everywhere else) is, a user who is logged into windows onto the domain goes to the site, and their DOMAIN\Username credentials are automatically passed by internet explorer and everything just works. The site knows who they are without any password prompt.
Now before you jump to say "it's the IE settings", we have "Enable Integrated Windows Authentication" checked in the advanced options. And this site is in the intranet zone, with "Automatic Login only in intranet zone" also checked. So IE should just be passing their credentials over. This is actually working from localhost, but from another computer on the domain it is not working right..
What we are seeing from another machine on the domain is: The user (logged into domain) goes to the site, and the password prompt appears. The user name box is prefilled with <remote computer name>\<domain user name> ... That is not right. If anything, it should be prefilled with <domain name>\<domain user name> . And if it were filled with that it probably wouldn't even show up since authentication would pass straight away.
We can manually type the domain name in place of the computer name and then it works fine. However we can't expect that to go over with our users.
So does anybody know what is going on? Why is IE defaulting to the web server computer instead of the domain? Is it an IIS setting? IE setting? or something else with active directory?
If you need more details I can post, please help as we are out of ideas. :-x
We haved used this exact setup at different sites before and never run into this issue. So i don't know what the problem is. Hoping an expert out there can help..
Setup is: IIS 6.0, anonymous access is disabled, integrated windows authentication is enabled on the default web site. Most everything is left at default, it is a pretty minimalist config.
Now what we expect to happen (what we've seen everywhere else) is, a user who is logged into windows onto the domain goes to the site, and their DOMAIN\Username credentials are automatically passed by internet explorer and everything just works. The site knows who they are without any password prompt.
Now before you jump to say "it's the IE settings", we have "Enable Integrated Windows Authentication" checked in the advanced options. And this site is in the intranet zone, with "Automatic Login only in intranet zone" also checked. So IE should just be passing their credentials over. This is actually working from localhost, but from another computer on the domain it is not working right..
What we are seeing from another machine on the domain is: The user (logged into domain) goes to the site, and the password prompt appears. The user name box is prefilled with <remote computer name>\<domain user name> ... That is not right. If anything, it should be prefilled with <domain name>\<domain user name> . And if it were filled with that it probably wouldn't even show up since authentication would pass straight away.
We can manually type the domain name in place of the computer name and then it works fine. However we can't expect that to go over with our users.
So does anybody know what is going on? Why is IE defaulting to the web server computer instead of the domain? Is it an IIS setting? IE setting? or something else with active directory?
If you need more details I can post, please help as we are out of ideas. :-x
Steve Bink
Are you absolutely positive that user is logged on to the domain, and not a similarly-named local user?
ASKER
yes, 100% sure the user is logged into the same domain that the webserver is on..
ASKER
so... we rebooted the webserver and it magically works now
not sure what was wrong and what changed to fix it... any insight is appreciated, but for now i think this is resolved.
not sure what was wrong and what changed to fix it... any insight is appreciated, but for now i think this is resolved.
If it was still occurring, we could try to troubleshoot some. We can pick it up if it happens again. In the meantime, you can use the "Request Attention" link to have the question closed and your points refunded.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.