Re: VPN & Windows authentication

I'd suggest enabling auditing of logon events for success and failure and
find out what is going on with the login itself from the details provided in
the security event log.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"SpaceMarine" <spacemarine@xxxxxxxxxxxxxx> wrote in message
news:0e25dadb-f66b-4692-b35e-9e4d6ec7d4e9@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On May 21, 2:28 pm, SpaceMarine <spacemar...@xxxxxxxxxxxxxx> wrote:

ok, after messing around some more i have it. using VPN is no problem
at all, and my web apps can continue to use Windows authentication
from the web.config. the server OS simply asks the browser to popup
the login box (dunno what you call that box...NTML? SAMS? not sure).
after the user enters his credentials, the app sees him as his Windows
user.

actually, i lied -- the Windows authentication works 100% properly for
VPN'ed users, my app knows who they are and can read their AD groups.
but -- it FAILS for domain users sitting inside the network at their
desktops. Whaaaa!???

how can this be? IE tosses up the same login box for both...but for
regular users it cannot authenticate their credentials. error is:

HTTP Error 401.1 - Unauthorized: Access is denied due to invalid
credentials.
Internet Information Services (IIS)

....any ideas?


thanks
sm
any ideas?


.

Relevant Pages

  • Re: VPN & Windows authentication
    ... and my web apps can continue to use Windows authentication ... the login box (dunno what you call that box...NTML? ... my app knows who they are and can read their AD groups. ... regular users it cannot authenticate their credentials. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Logout from windows authentication??
    ... I came across this in a forum, so I guess it's in the windows authentication ... The user credentials are being cached by the client browser, ... server (either via a login dialog or automatic submission under IE ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Return credentials with anonymous authentication?
    ... > I was now authenticating in an windows authentication site (with the gray ... > This way if i will ne next navigation to real windows authentication site I ... > place of its current credentials. ... >> Using this login page I would like to receive credentials from Active ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Return credentials with anonymous authentication?
    ... I was now authenticating in an windows authentication site (with the gray ... This way if i will ne next navigation to real windows authentication site I ... place of its current credentials. ... > Have a login page in Application 1 with Anoynoumous authentication. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Credentials not being passed with remote access
    ... allowed windows authentication to work, ... I had assumed johnx was a domain user rather than a local Windows account. ... johnx was set up as a local login on sql server. ...
    (microsoft.public.sqlserver.security)