Solved

Prevent autologin in SharePoint site

Posted on 2010-11-22
9
1,018 Views
Last Modified: 2012-05-10
Hi Everyone,

Currently when accessing the SharePoint 2010 site, the user is automatically logged in according to their Windows domain principal (e.g. DOMAIN\user1).

Is there a way to disable this automatic log-in? e.g. disable the Integrated Windows Authentication (NTLM?) from the SharePoint configuration?

The reason why we want to do this is to mimic the situation where the site is viewed by a user over the Internet. i.e. the user *is not* logged into a Windows domain.

We also want to be able to log-in as different users in order to test the site, including *not* logging in to simulate viewing the "public" site.

Thanks.

0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 3

Expert Comment

by:Nomoho
ID: 34195682
Hi Jioz,

You must deactivate NTLM in IIS for sharepoint site (sharepoint - 80 for example):
Start menu > run > inetmgr > ok
In the folder Web Sites, right click the IIS web site of your sharepoint application > properties > tab directory security > click on edit authentication and access control > uncheck Integrated Windows Authentication > check another one,

for example digest or basic (caution with this one, you must use an SSL certification on your IIS web site because the password is sent in clear text).
0
 
LVL 1

Author Comment

by:jjoz
ID: 34196016
oh, sounds like this is a security issue if the password is sent as text over the network when I disable the NTLM authentication.
0
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 34196019
Stop!

This is controlled through IE settings.  Just place your SharePoint url in the "internet zone".
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 1

Author Comment

by:jjoz
ID: 34196037
ah... so this can be automated from the Active Directory using Group Policy object ?
I was thinking if there is server setting that can be disabled from the CA site.
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 34196041
Yes it can be controlled through GP.   I suggest testing first, obviously.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34214781
ok, thanks for the info, how about using this AAM configuration ? is it the same effect ?
AAM.jpg
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 34217632
Again, auto-logon is an IE setting.  Not a SharePoint setting.  AAM Zones have nothing to do with it.
0
 
LVL 1

Author Comment

by:jjoz
ID: 34218120
ah ok, so the above setting is useless ?
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 34273201
thanks man !
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question