Re: Integrated Windows Authentication not working on a domain network

From: Tom Kaminski [MVP] ((A_at_T))
Date: 04/29/03 

Date: Tue, 29 Apr 2003 13:02:23 -0400

"John Lau" <johnlau@olc.ubc.ca> wrote in message
news:%23bQsv9mDDHA.2376@TK2MSFTNGP10.phx.gbl...
> Hello,
>
> When I enable NT challenge/response on my NT4 web server in a domain
> network, the user authentication information is not showing up in the
> ServerVariables Account, AUTH_USER, LOGON_USER and REMOTE_USER.
>
> When I enable Integrated Windows Authentication on my W2K Professional
> development web server that is not part of a domain, I can see my NTID in
> the above ServerVariables. When I enable NT challenge/response on my
> production server, the NTID will show up for some users but not for
others.
> For example, a user who is a local admin on the web server has not
problems
> authenticating. A user who is not a local admin will get an Internet
> Explorer pop-up logon window asking them to logon to the network.
>
> I now think this has to do with trust issues in a domain network.

Trust issues only exist between domains and it sounds like you're only
dealing with one domain. What are the NTFS permissions on your content? 

-- 
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserver2003/community/centers/iis/

Relevant Pages

  • RE: website inside or outside the domain?
    ... it is better not to have domain authentication traffic ... publicly accessible web server in a DMZ, with a DC also in the DMZ ... > webserver is ... network) its not the best model to use. ...
    (Focus-Microsoft)
  • Re: Security risks when running IIS without static ip as localhost
    ... > access this web server, it is purely for developing asp pages which will ... > network to a security risk. ... For example, one vector of compromise is someone receives, say, a worm email ...
    (microsoft.public.inetserver.iis.security)
  • Re: How vulnerable server will become if placed on DMZ ?
    ... >> I have a type of Web Server. ... > protect your internal network from a compromised web server. ... A DMZ can ... > network as compared to what you probably have now, a single firewall. ...
    (microsoft.public.win2000.security)
  • Re: oops again
    ... > When you want expose the web server on the local network to the internet, ... > to the internal IP of your web server. ... > You configure the Firewall on the Router to just block every single port. ... > network but does not prevent your PCs from contacting the Internet. ...
    (microsoft.public.inetserver.iis)
  • Re: NAT Settings for exposing an internal web server to the outside world?
    ... However the client machines that are trying to access the web server are behind the same router. ... Network A: 192.168.6.0/24 Call this the backbone network. ... 192.168.12.0/24 network containing the client machines that are trying to access the web server. ...
    (microsoft.public.windows.server.networking)