• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 669
  • Last Modified:

IIS Authentication

Hi,

i am trying to setup external access to our intranet site. when it is accessed from within the local network it will just work, but i want to setup authentication for when it is accessed from the net.

I have setup a secondary site within IIS manager, setup the relevant bindings, and security settings (i am using windows Authentication) etc. everything wokrs fine when the Authorization rule is set to all users. What i want to do is only allow access to certain users.

On the new second site I go into the Authorisation rules and specify a particular user to have access. when i do this the first site stops working with a 401 (not authorised) error.

i have no idea why this is happening, i cannot see any thing on google.

Any help will be appreciated.

Thanks

Michael
0
motorhog
Asked:
motorhog
  • 2
2 Solutions
 
gaurav05Commented:
Hi,

1) Try and see if basic authentication working or not ?

2) At your gateway end is there any firewall which is using integrated authentication

3) disable "Show Friendly HTTP Error messages" in Internet Explorer and try to login

4) check IIS logs file after trying above.

5) how your active directory user configured.

-Let us know.
0
 
motorhogAuthor Commented:
Hi.

Basic authentication works with Local users only (i want to use AD users). however when i change the authorisation rule to a single local username, the first site still shows the 401 error.

there is no authentication on our firewall

the HTTP friendly errors are already turned off and i get the following,

401 - Unauthorized: Access is denied due to invalid credentials.

You do not have permission to view this directory or page using the credentials that you supplied.

I can see in the logs that the error seems to be because iis is looking for a local username rather than a domain unsername from our AD.
0
 
gaurav05Commented:
Hi,

Try to first resolve problem for one site then do it same for second website.

Please change the identity in the application pool in the IIS from the default "ApplicationPoolIdentity" to a domain account "DOMAIN\account"

In Internet explorer please check

Tools- Internet Options - Advanced - Security - enable integrated windows authentication*

Let me know.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now