paradoxes
asked on
IIS 7 authentication
I have an intranet site that uses your domain credentials to logon automatically with IIS 6, it works great. I'm trying to move it to a new 2008 R2 server with iis 7, of course it does not work now. It always prompts me for a username and password, if I enter it, everything works. How do I get it to work like IIS 6??? why did they need to change everything... (pulling hair out)!
thanks
thanks
ASKER
pramodsk40,
I've already had the authentication installed and I've tried the classic mode on the application pool. As for the blog, I read it over and I'm not sure if it is the same problem I'm having as it talks about forms logon. Anyway, when I look at my web.config, it does not have any of the authentication items, it's pretty basic... here it is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="Default.asp" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
</system.webServer>
<system.web>
<identity impersonate="false" />
</system.web>
</configuration>
I've already had the authentication installed and I've tried the classic mode on the application pool. As for the blog, I read it over and I'm not sure if it is the same problem I'm having as it talks about forms logon. Anyway, when I look at my web.config, it does not have any of the authentication items, it's pretty basic... here it is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="Default.asp" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
</system.webServer>
<system.web>
<identity impersonate="false" />
</system.web>
</configuration>
Have you enabled delegation on the new IIS server assuming that your sql server is on another server somewhere.
ASKER
ok, stupid moment...
why would I need sql on this server? I just want to have it log me onto the intranet site with my domain credentials...
why would I need sql on this server? I just want to have it log me onto the intranet site with my domain credentials...
I was just wondering if you website had a sql backend, if it was on another server you would be encountering the double hop authentication problem which would require you to enable delegation for your IIS server in Active Directory Users and Computers. however I just noticed you're not using integrated authentication so I don't think it affects you.
ASKER
ok, sorry...
I thought that MS made some new funky requirements for IIS...
I thought that MS made some new funky requirements for IIS...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I changed this setting and restarted the server, no luck... it's odd, it just doesn't pass the logon info. I'm totally stumped.
ASKER
Is there something I need to do at the IIS server level? I have two Intranet sites on this server, one does not need any authentication, the other does. I've been changing all the configurations at that level.
Take at look at this link : http://technet.microsoft.c om/en-us/l ibrary/cc7 33010(WS.1 0).aspx
ASKER
jacko72,
This article helped, sort of, actually I'm a little confused now. I read the article and found that I needed to turn on Basic authentication with my Windows Authentication, but this does not make sense to me. Is it using the windows authentication? Or Basic, or both?
How is this different than the Integrated Windows Authentication on IIS 6, I guess I thought they were the same…
It is working now, I just don't fully understand why.
Thank you for your help!
This article helped, sort of, actually I'm a little confused now. I read the article and found that I needed to turn on Basic authentication with my Windows Authentication, but this does not make sense to me. Is it using the windows authentication? Or Basic, or both?
How is this different than the Integrated Windows Authentication on IIS 6, I guess I thought they were the same…
It is working now, I just don't fully understand why.
Thank you for your help!
The way authentication is done changed in IIS 7. What used to happen was the user would get authenticated by IIS and then again by ASP.net (do you even have asp.net websites?).
This is what was called two stage authentication apparently now it is all done at the same time.
I'm not convinced however that you should need basic authentication enabled.
You might want to check out this link to see if it clears anything up : http://www.iis.net/ConfigR eference/s ystem.webS erver/secu rity/authe ntication/ windowsAut henticatio n
However if it is working you might well want to leave it alone.
This is what was called two stage authentication apparently now it is all done at the same time.
I'm not convinced however that you should need basic authentication enabled.
You might want to check out this link to see if it clears anything up : http://www.iis.net/ConfigR
However if it is working you might well want to leave it alone.
ASKER
Ok, you'll love this.
I turned Basic authentication off again, and everything still works! all I have on is the windows authentication and the asp impersonate...
So... maybe there is a small bug or something or by stopping and starting and not using the restart button it initiated the settings.
Everything is working the way it needs to, only windows authentication and impersonate are on.
Thank you for your help!
I turned Basic authentication off again, and everything still works! all I have on is the windows authentication and the asp impersonate...
So... maybe there is a small bug or something or by stopping and starting and not using the restart button it initiated the settings.
Everything is working the way it needs to, only windows authentication and impersonate are on.
Thank you for your help!
No problem, glad its working.
Expand Internet Information Services >> World Wide Web Services >> Security
Select Windows Authentication and click OK.Reset the IIS and Check in IIS now for windows authentication
select apppool to classic mode and see if it works.
Also read this....
http://mvolo.com/blogs/serverside/archive/2008/02/11/IIS-7.0-Two_2D00_Level-Authentication-with-Forms-Authentication-and-Windows-Authentication.aspx