Re: VPN & Windows authentication
- From: SpaceMarine <spacemarine@xxxxxxxxxxxxxx>
- Date: Thu, 3 Jul 2008 14:15:46 -0700 (PDT)
On May 23, 6:34 pm, "Joe Kaplan"
<joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
These audits typically have some additional details such as the user name
that failed to authenticate or some extended error code as well. Perhaps
your admins can help you get this sorted out.
we did indeed. this was really wigging me out, especially since
authentication works in Firefox.
turns out IE7 has a new, misnamed setting in Internet Options ->
Advanced -> Security -> "Enable Integrated Windows Authentication",
checked by default. this should really read, "Don't Roll-over from
Kerberos to NTLM protocol on failed auth attempt", because that's
exactly what it does -- if your server's Kerberos security protocol
isnt working, leaving this checked will cause the process to halt. if
you uncheck it, the browser will re-try the auth attempt using NTLM.
more here:
http://blog.super-networking.net/systems/internet-explorer-enable-integrated-windows-authentication/
...so unchecking that box will force NTML authentication. meanwhile,
you can try to figure out why your Kerberos isnt working :)
sm
.
- Prev by Date: Design patterns for managing the roles in .NET 2.0 Web application
- Next by Date: suggestions: AD, integrated auth, custom Roles
- Previous by thread: Design patterns for managing the roles in .NET 2.0 Web application
- Next by thread: suggestions: AD, integrated auth, custom Roles
- Index(es):
Relevant Pages
|
