?
Solved

IIS Authentication

Posted on 2013-02-06
3
Medium Priority
?
651 Views
Last Modified: 2013-12-02
Hi,

i am trying to setup external access to our intranet site. when it is accessed from within the local network it will just work, but i want to setup authentication for when it is accessed from the net.

I have setup a secondary site within IIS manager, setup the relevant bindings, and security settings (i am using windows Authentication) etc. everything wokrs fine when the Authorization rule is set to all users. What i want to do is only allow access to certain users.

On the new second site I go into the Authorisation rules and specify a particular user to have access. when i do this the first site stops working with a 401 (not authorised) error.

i have no idea why this is happening, i cannot see any thing on google.

Any help will be appreciated.

Thanks

Michael
0
Comment
Question by:motorhog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Assisted Solution

by:gaurav05
gaurav05 earned 1500 total points
ID: 38858773
Hi,

1) Try and see if basic authentication working or not ?

2) At your gateway end is there any firewall which is using integrated authentication

3) disable "Show Friendly HTTP Error messages" in Internet Explorer and try to login

4) check IIS logs file after trying above.

5) how your active directory user configured.

-Let us know.
0
 

Author Comment

by:motorhog
ID: 38858814
Hi.

Basic authentication works with Local users only (i want to use AD users). however when i change the authorisation rule to a single local username, the first site still shows the 401 error.

there is no authentication on our firewall

the HTTP friendly errors are already turned off and i get the following,

401 - Unauthorized: Access is denied due to invalid credentials.

You do not have permission to view this directory or page using the credentials that you supplied.

I can see in the logs that the error seems to be because iis is looking for a local username rather than a domain unsername from our AD.
0
 
LVL 10

Accepted Solution

by:
gaurav05 earned 1500 total points
ID: 38858839
Hi,

Try to first resolve problem for one site then do it same for second website.

Please change the identity in the application pool in the IIS from the default "ApplicationPoolIdentity" to a domain account "DOMAIN\account"

In Internet explorer please check

Tools- Internet Options - Advanced - Security - enable integrated windows authentication*

Let me know.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
Know what services you can and cannot, should and should not combine on your server.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question