Integrated Authentication from XP
From: Nick Field (Nick.Field@Comino.com)
Date: 01/30/03
- Next message: Keith W. McCammon: "Re: PLEASE help on firewall"
- Previous message: me: "PLEASE help on firewall"
- In reply to: Nick Field: "Integrated Authentication from XP"
- Next in thread: Karl Levinson [x y] mvp: "Re: Integrated Authentication from XP"
- Reply: Karl Levinson [x y] mvp: "Re: Integrated Authentication from XP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Nick Field <Nick.Field@Comino.com> Date: Thu, 30 Jan 2003 16:24:36 -0000
Ok folks... for those interested I have narrowed this down further.
If I browse directly to the web page from XP machine, everything works.
However - I use ISA Server to re-direct to this web site under certain
circumstances. It is only on these occasions that the authentication is
not passed through.
Again, this is only in XP, it all works fine in other OS'.
Cheers
Nick
-----Original Message-----
From: Nick Field
Posted At: 30 January 2003 15:08
Posted To: security
Conversation: Integrated Authentication from XP
Subject:
Hi Karl,
Thanks for a speedy response..
The site is internal, therefore is part of the intranet zone. I did
however try adding it to the zone manually and ensuring that it was
excluded from the proxy.
(both machines are in the same subnet)
With everything manually added, I still get prompted for username and
password - The only difference is, now if I cancel the authentication
window then hit refresh the page loads ok.
This makes it look like a bug to me - Does not authenticate on first
request, but does on second....??
I would appreciate any further insights...
Thanks
Nick
-----Original Message-----
From: Karl Levinson [x y] mvp [mailto:jamescagney90210@excite.com]
Posted At: 30 January 2003 14:23
Posted To: security
Conversation: Integrated Authentication from XP
Subject: Re: Integrated Authentication from XP
Someone else posted the same problem here in the past 2 weeks or so. My
guess is that perhaps the web site needs to be added to the Local
Intranet
zone in internet explorer tools, Internet options, security and/or check
the
settings in that zone.
Windows integrated authentication is not really meant for accessing
sites
across the internet, so I'm thinking perhaps XP or a newer version of IE
improved security by preventing windows integrated authentication from
occurring if the site is not in the local intranet zone. Depending on
the
settings, if the URL name was an FQDN name such as
http://servername.domain.com and/or the IP address is on a different
subnet,
IE might not know that it is a local intranet site until you tell it so.
If this turns out to be the case, please let us know.
"Nick" <nick.field@comino.com> wrote in message
news:08f001c2c85f$aac8f460$d3f82ecf@TK2MSFTNGXA10...
> I have an IIS 5.0 server serving users on a single domain.
> I have 'Integrated Windows Authentication' enabled.
>
> All Windows 98, NT 4 and 2000 users connect, authenticate
> and gain access to the web site perfectly well. Whenever
> any of my Windows XP users try they get prompted to enter
> a username and password. This is happening with ALL my XP
> users. All XP machines are SP1.
>
> Has anyone experienced this?
>
> Cheers
> Nick
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/2003
- Next message: Keith W. McCammon: "Re: PLEASE help on firewall"
- Previous message: me: "PLEASE help on firewall"
- In reply to: Nick Field: "Integrated Authentication from XP"
- Next in thread: Karl Levinson [x y] mvp: "Re: Integrated Authentication from XP"
- Reply: Karl Levinson [x y] mvp: "Re: Integrated Authentication from XP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
