Re: IIS 5.0 Integrated Authentication always looks locally than to the domian it has joined

From: Tom Kaminski [MVP] ((A_at_T))
Date: 03/29/04 

Date: Mon, 29 Mar 2004 11:47:35 -0500

"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:OD5ZLWZFEHA.3764@TK2MSFTNGP12.phx.gbl...
>
> "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
> news:c498sb$4rv15@kcweb01.netnews.att.com...
> : "Nachi" <anonymous@discussions.microsoft.com> wrote in message
> : news:0865F758-8801-4878-B1E6-EBCBB453117F@microsoft.com...
> : > I've a Win2K machine joined to a domain. Setup the IIS to Integrated
and
> : the rest of authetication option are not set. Whenever I browse to any
> HTML
> : page, authentication happens locally and not against the domain joined.
> Upon
> : enabling basic authentication alone (with the domain pointing to the
> joined
> : domain), it works by authenticating against the said domain. But
strangely
> : with 'integrated authentication' alone, it always goes to local machine
> : ratherthan joined domain. Is there a way to force authentication against
> : domain explicitly?
> :
> :
> : Specifically how are you testing this? IIS should use the domain.
>
>
> Not in my experience...
>
> IIS interprets Username as <LocalIISServer>\Username rather than
> <Domain>\Username

I wonder why? It's always worked correctly in my environment - which is the
whole point of Windows Integrated authentication (to use the domain). 

-- 
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserver2003/community/centers/iis/

Relevant Pages

  • Re: HELP PLEASE The request failed with HTTP status 401: Access Denied.
    ... Web Security: Part 2: Introducing the Web Application Manager, Client ... Authentication Options, and Process Isolation ... It introduces the Web Application Manager in IIS that ... logon session, which is dangerous. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: HTTP_AUTHORIZATION header
    ... I do not believe IIS is distinguishing between the two cases you mention. ... I authenticate by displaying the HTML page containing the form, ... both result in the HTTP_AUTHORIZATION header not being sent to the CGI. ... I do understand the authentication protocols involved, ...
    (microsoft.public.inetserver.iis.security)
  • RE: Can no longer access ActiveSync
    ... OMA and Exchange/Exchange-OMA virtual directory. ... Please verify Authentication settings by the following steps. ... Open IIS Manager ... issue may be caused by the Exchange attribute of original user account. ...
    (microsoft.public.exchange.admin)
  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... I didn't realise the Web Sites folder in IIS manager threw up a global ... sure that Basic Authentication is allowed to function on your server. ... ACCOUNTNAME, this is the account that I am trying to grant access to: ... Account: COMPUTERNAME\ACCOUNTNAME Access type: FULL ...
    (microsoft.public.inetserver.iis.security)
  • Re: SBS2k3 and activesync over the air
    ... the Exchweb virtual directory. ... ONLY 'Basic authentication' is selected ... please restart your IIS service and test your issue again. ... Regarding ActiveSync issue, support code 0x85010014 means error HTTP 500. ...
    (microsoft.public.windows.server.sbs)