Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to set up  Integrated Windows Authtentication for IIS 7 directory and eliminate the challenge dialog

Posted on 2010-09-13
2
Medium Priority
?
849 Views
Last Modified: 2012-05-10
I have to migrate a ColdFusion app from a W2003 server to a W2008R2 server running IIS 7 on my company intranet.  I don't believe that the issue has anything to do with cold fusion but IIS settings somewhere.

In the w2003 environment, one directory in the app was set to integrated windows security.  When folks went to that page, since they were logged in on their company PC under their company ID, I could grab that ID from the server variables and use it to auto log them into the application.  
 How I set up IIS directory security under w2003When I try the same paradigm on w2008, IIS 7, I get a challenge dialog.
And if I enter the domain\\userid and pwd, it works but I don't want the dialog to occur but act as it did before in w2003
 w2008 ChallengeAnonymous is permitted at all the other directories levels.
 IIS directory authentication under w2008The server and all the client machines are in the same domain.
What am I missing?
0
Comment
Question by:E43509
2 Comments
 
LVL 30

Accepted Solution

by:
Brad Howe earned 2000 total points
ID: 33663733
Hi,

Give this a shot.

Add Logon all intranet
1. Go to Menu go to Tools - Internet Options - Security and then click on the "Local Intranet" zone.
2. Click on the "Custom Level" toward the bottom of the pane and a new popup will appear.
3. Under the User Authentication/Logon, make sure "check" is on "Automatic Logon only in intranet zone"

If it is still not auto logging on, try the following.

Add site URL to local intranet
1. Go to Menu go to Tools - Internet Options - Security and then click on the "Local Intranet" zone.
2. Click on Sites.
3. Click "Advanced" and add the full address of the website in question eg: (http://your.domain.com)

Let us know,
Hades666
0
 

Author Closing Comment

by:E43509
ID: 33664475
Since I was going to the site via the IP address as the DNS was not in place yet, I got that popup dialog message.  In the meantime the DNS name work was done and the popup challenge went away.  You were right on with your solution.  Thx
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question