[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

IIS 7 authentication

Posted on 2011-02-23
14
Medium Priority
?
983 Views
Last Modified: 2012-06-27
I have an intranet site that uses your domain credentials to logon automatically with IIS 6, it works great.  I'm trying to move it to a new 2008 R2 server with iis 7, of course it does not work now.  It always prompts me for a username and password, if I enter it, everything works.  How do I get it to work like IIS 6??? why did they need to change everything... (pulling hair out)!
thanks
0
Comment
Question by:paradoxes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 10

Expert Comment

by:pramodsk40
ID: 34961852
in control panel,click Programs and Features, select Turn Windows Features on or off from left side.
Expand Internet Information Services >> World Wide Web Services >> Security
Select Windows Authentication and click OK.Reset the IIS and Check in IIS now for windows authentication

select apppool to classic mode and see if it works.

Also read this....

http://mvolo.com/blogs/serverside/archive/2008/02/11/IIS-7.0-Two_2D00_Level-Authentication-with-Forms-Authentication-and-Windows-Authentication.aspx
0
 

Author Comment

by:paradoxes
ID: 34962552
pramodsk40,

I've already had the authentication installed and I've tried the classic mode on the application pool.  As for the blog, I read it over and I'm not sure if it is the same problem I'm having as it talks about forms logon. Anyway, when I look at my web.config, it does not have any of the authentication items, it's pretty basic...  here it is:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <defaultDocument>
            <files>
                <clear />
                <add value="Default.asp" />
            </files>
        </defaultDocument>
        <directoryBrowse enabled="false" />
    </system.webServer>
    <system.web>
        <identity impersonate="false" />
    </system.web>
</configuration>
0
 
LVL 29

Expert Comment

by:Paul Jackson
ID: 34967240
Have you enabled delegation on the new IIS server assuming that your sql server is on another server somewhere.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:paradoxes
ID: 34969530
ok, stupid moment...

why would I need sql on this server?  I just want to have it log me onto the intranet site with my domain credentials...
0
 
LVL 29

Expert Comment

by:Paul Jackson
ID: 34969583
I was just wondering if you website had a sql backend, if it was on another server you would be encountering the double hop authentication problem which would require you to enable delegation for your IIS server in Active Directory Users and Computers. however I just noticed you're not using integrated authentication so I don't think it affects you.
0
 

Author Comment

by:paradoxes
ID: 34969598
ok, sorry...
I thought that MS made some new funky requirements for IIS...
0
 
LVL 29

Accepted Solution

by:
Paul Jackson earned 2000 total points
ID: 34969610
Hmm in your original post you say the site uses domain credentials to logon to the intranet site, yet in your web.config identity impersonate= false, shouldn't this be true to allow automatic login.

<system.web>
        <identity impersonate="true" />
    </system.web>
0
 

Author Comment

by:paradoxes
ID: 34969690
I changed this setting and restarted the server, no luck...  it's odd, it just doesn't pass the logon info.  I'm totally stumped.  
0
 

Author Comment

by:paradoxes
ID: 34969700
Is there something I need to do at the IIS server level?  I have two Intranet sites on this server, one does not need any authentication, the other does.  I've been changing all the configurations at that level.
0
 
LVL 29

Expert Comment

by:Paul Jackson
ID: 34969719
0
 

Author Comment

by:paradoxes
ID: 34969976
jacko72,

This article helped, sort of, actually I'm a little confused now.  I read the article and found that I needed to turn on Basic authentication with my Windows Authentication, but this does not make sense to me.  Is it using the windows authentication? Or Basic, or both?  

How is this different than the Integrated Windows Authentication on IIS 6,  I guess I thought they were the same…

It is working now, I just don't fully understand why.

Thank you for your help!
 
0
 
LVL 29

Expert Comment

by:Paul Jackson
ID: 34970179
The way authentication is done changed in IIS 7. What used to happen was the user would get authenticated by IIS and then again by ASP.net (do you even have asp.net websites?).
This is what was called two stage authentication apparently now it is all done at the same time.
I'm not convinced however that you should need basic authentication enabled.
You might want to check out this link to see if it clears anything up : http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication

However if it is working you might well want to leave it alone.
0
 

Author Comment

by:paradoxes
ID: 34970577
Ok, you'll love this.

I turned Basic authentication off again, and everything still works!  all I have on is the windows authentication and the asp impersonate...

So... maybe there is a small bug or something or by stopping and starting and not using the restart button it initiated the settings.  

Everything is working the way it needs to, only windows authentication and impersonate are on.

Thank you for your help!
0
 
LVL 29

Expert Comment

by:Paul Jackson
ID: 34970596
No problem, glad its working.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question