IIS 7 Windows Authentication passes wrong user name to website.
I have a website that uses windows authentication that for only one user and only on his workstation the user name is passed to the IIS7 incorrectly. the problem started this morning and had been working for weeks. the user can log on to other machines on the network and authenticate to IIS site. other users can log onto his machine and authenticate to the IIS website. the server was rebooted during patching over the weekend but since this is happening with only one user i doubt that the patching is causing the issue.
when the user attempts to access the website he is presented with a log-on like he is not part of the domain. it auto fills the user name with DOMAIN\FirstnameLastname AKA DOMAIN\JohnDoe. His user name is DOMAIN\FistnameLastinitial
I decided to modify his user name in active directory to change everything to only use first name lastinital. no where in active directory does the last name show up. i verified that the changes had been made in active directory by reviewing the account on both domain controllers to make sure they were consistent. I logged the user in and out of the computer (Windows 7) and noted that the user name in the start menu now reflects the user name that is used when logging into the machine.
when accessing the computer from the local intranet the company can access it in two ways. either by computer name which was serialized. http://aqdfsd7asdf/website which was very difficult to use so we added a dns entry that was more meaningful and added a host header to match. http://website/website.
Since it was just this user and only on this computer for this user I first went down the path of the normal steps of resetting IE9. Rest all of the security settings to default and restoring all advanced settings. i would prefer to not reset the profile on that computer but will be my next step after
Other info:
When the website was originally set up we had problems with local authentication from the web server. we turned off IPv6 and added the DisableComponents registry key to stop the local loop back interface from using ::1.
when the user attempts to access the website he is presented with a log-on like he is not part of the domain. it auto fills the user name with DOMAIN\FirstnameLastname AKA DOMAIN\JohnDoe. His user name is DOMAIN\FistnameLastinitial
I decided to modify his user name in active directory to change everything to only use first name lastinital. no where in active directory does the last name show up. i verified that the changes had been made in active directory by reviewing the account on both domain controllers to make sure they were consistent. I logged the user in and out of the computer (Windows 7) and noted that the user name in the start menu now reflects the user name that is used when logging into the machine.
when accessing the computer from the local intranet the company can access it in two ways. either by computer name which was serialized. http://aqdfsd7asdf/website which was very difficult to use so we added a dns entry that was more meaningful and added a host header to match. http://website/website.
Since it was just this user and only on this computer for this user I first went down the path of the normal steps of resetting IE9. Rest all of the security settings to default and restoring all advanced settings. i would prefer to not reset the profile on that computer but will be my next step after
Other info:
When the website was originally set up we had problems with local authentication from the web server. we turned off IPv6 and added the DisableComponents registry key to stop the local loop back interface from using ::1.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER