Re: URGENT... mixed anonymous and integrated security issue

From: alien251 (billow_dan@hotmail.com)
Date: 03/27/03


From: "alien251" <billow_dan@hotmail.com>
Date: Thu, 27 Mar 2003 11:47:22 -0800


Thanks....
Duh.. I should have known that...

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:b5us5r$92c34@kcweb01.netnews.att.com...
> In IE, Go to Tools -> Internet Options -> Security -> Custom Level -> User
> Authentication -> Logon and make sure it's not prompting for intranet use.
> You can add your domain or IP to the no proxy setting to get IE to
recognize
> it as the intranet. Tools -> Internet Options -> Connections -> LAN
> Settings -> Advanced
>
> For security configuration you need to go Tools > Internet Options >
> Security > Local intranet > Sites... > Advanced > Add this web site or IP
to
> the zone
>
> "alien251" <billow_dan@hotmail.com> wrote in message
> news:uKzi$978CHA.1512@TK2MSFTNGP12.phx.gbl...
> > Just got done reading that... I'm not using basic so the challeng
response
> > mechanism is failing in some cases... Which leads me to believe this is
a
> > client configuration issue but I'm unsure of where to check on the
> client??
> > I would have thought that the Use Integrated Security would have been
the
> > client issue but it's not making a difference... Any other ideas??
> >
> >
> > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
> > news:b5slod$92c31@kcweb01.netnews.att.com...
> > > "alien251" <billow_dan@hotmail.com> wrote in message
> > > news:eR2C1m78CHA.1612@TK2MSFTNGP11.phx.gbl...
> > > > We've written an ASP.NET application that uses Integrated Security
> we've
> > > > tested it and are about to begin doing user acceptance testing and
> > > training
> > > > for a hundred or so users... The environment our network engineers
> setup
> > > for
> > > > us is in a seperate domain specifically used for testing, this is
> where
> > > > they will do acceptance testing and training... Ultimately this new
> > > > application will run on a web server in the same domain that the
users
> > > will
> > > > already be logged into... I have an Intranet site that allows
> anonymous
> > > > access... From that site I have a link to the new application in an
> > > > untrusted domain, the web server requires nt authentication... For
> some
> > > > clients IIS will challenge them and given the correct credentials
> allow
> > > > access to the site... For other users they are not even challenged
> just
> > > > denied access 401.2... I'm confused whether or not this is a server
> > > > configuration error or the problem is on the client... I've checked
> the
> > > "Use
> > > > Integrated Security" in the Browser\Tools\Option\Advanced\Security
> > section
> > > > but it doesn't seem to make a difference... Could IIS be leaving off
> the
> > > > Authenticate header in some cases?
> > >
> > > check here:
> > > http://support.microsoft.com/default.aspx?scid=kb;en-us;253667
> > >
> > > --
> > > Tom Kaminski IIS MVP
> > > http://www.iistoolshed.com/ - tools, scripts, and utilities for
running
> > IIS
> > > http://mvp.support.microsoft.com/
> > > http://www.microsoft.com/windowsserver2003/community/centers/iis/
> > >
> > >
> > >
> >
> >
>
>