Re: New post: Integrated Windows Authentication for remote users
From: Chris Adams \(MSFT\) (chrisad_at_online.microsoft.com)
Date: 08/26/03
- Next message: David Wang [Msft]: "Re: Source Code to Filter out WindowsMessenger POP-UPS"
- Previous message: Chris Adams \(MSFT\): "IIS Webcast: Tuesday Sept 3rd, 9:30 PST"
- In reply to: sharky: "Re: New post: Integrated Windows Authentication for remote users"
- Next in thread: Tom Kaminski [MVP]: "Re: New post: Integrated Windows Authentication for remote users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 25 Aug 2003 21:41:32 -0700
Hello ~
Integrated (which includes Negioate and NTLM) is not supported outside the
local network. The reason being is that for Negotiate, kerberos requires
that all clients authenticating have trusted connections to the Key
Distribution Center (KDC) and this just isn't likely or possible since most
KDC's are Active Directory...
For NTLM, it requires HTTP Keep-Alives which a lot of proxies don't like and
hence it is troublesome to get working. It isn't likely that every point
from a to b supports keep-alives or NTLM when hitting the internet...
HTH,
-- ~Chris (MSFT) IIS Supportability Lead Provided As-Is. "sharky" <sharky2@nospam.com> wrote in message news:OzMfqPwaDHA.1940@TK2MSFTNGP10.phx.gbl... > All clients connect and authenticate using MSIE using W2k or better. > As far as I know, no XP clients are having trouble. > > > "Roger Abell" <abell@NOSpam.asu.edu> wrote in message > news:uOXhqEsaDHA.1600@TK2MSFTNGP09.phx.gbl... > > Can you generalize about the OS version on the clients > > that do have problems with the authenticated access area ? > > Are they all XP ? > > > > -- > > Roger Abell > > Microsoft MVP (Windows, Security) > > MCSE (W2k3,W2k,Nt4) MCDBA > > "sharky" <sharky2@nospam.com> wrote in message > > news:%23shk20qaDHA.2024@TK2MSFTNGP12.phx.gbl... > > > I am using Integrated Windows Authentication to protect a directory on a > > web > > > server. All clients connect and authenticate using MSIE using W2k or > > better. > > > It works fine inside my LAN, and on some other places outside my LAN, > but > > on > > > some computers when I connect to the password protected directory (still > > > using MSIE), I simply get; "Error. Access Denied". These users can > connect > > > to the main web server just fine- they only get this error when they try > > to > > > access that particular directory. > > > > > > The error is not coming from my customized error pages, and the user > does > > > not get a Windows password prompt. Just the error. There are no access > > > priveliges denied on the web server or on the firewall to this web > server > > or > > > directory. > > > > > > Does anyone know if this is a client-side or server-side issue, or if > > there > > > is a way to fix this for my users? > > > > > > Thanks in advance for suggestions/solutions. > > > > > > > > > > > > > -------------------------------------------------------------------------- > > -- > > > ------- > > > I apoligize if this post showed up multiple times. I found that I was > > using > > > the same subject line as a previous post and that prevented it from > being > > > viewed properly. > > > > > > > > > > > > > > >
- Next message: David Wang [Msft]: "Re: Source Code to Filter out WindowsMessenger POP-UPS"
- Previous message: Chris Adams \(MSFT\): "IIS Webcast: Tuesday Sept 3rd, 9:30 PST"
- In reply to: sharky: "Re: New post: Integrated Windows Authentication for remote users"
- Next in thread: Tom Kaminski [MVP]: "Re: New post: Integrated Windows Authentication for remote users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
