Re: IIS 5.0 Integrated Authentication always looks locally than to the domian it has joined

From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 03/30/04 

Date: Tue, 30 Mar 2004 16:45:59 +0800

If it's a DC, of coz it uses the domain,
if member server, you need domain\username syntax. 

-- 
Regards,
Bernard Cheah
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c49jft$4s013@kcweb01.netnews.att.com...
> "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
> news:OD5ZLWZFEHA.3764@TK2MSFTNGP12.phx.gbl...
> >
> > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
> > news:c498sb$4rv15@kcweb01.netnews.att.com...
> > : "Nachi" <anonymous@discussions.microsoft.com> wrote in message
> > : news:0865F758-8801-4878-B1E6-EBCBB453117F@microsoft.com...
> > : > I've a Win2K machine joined to a domain. Setup the IIS to Integrated
> and
> > : the rest of authetication option are not set. Whenever I browse to any
> > HTML
> > : page, authentication happens locally and not against the domain
joined.
> > Upon
> > : enabling basic authentication alone (with the domain pointing to the
> > joined
> > : domain), it works by authenticating against the said domain. But
> strangely
> > : with 'integrated authentication' alone, it always goes to local
machine
> > : ratherthan joined domain. Is there a way to force authentication
against
> > : domain explicitly?
> > :
> > :
> > : Specifically how are you testing this?  IIS should use the domain.
> >
> >
> > Not in my experience...
> >
> > IIS interprets Username as <LocalIISServer>\Username rather than
> > <Domain>\Username
>
> I wonder why?  It's always worked correctly in my environment - which is
the
> whole point of Windows Integrated authentication (to use the domain).
>
> -- 
> Tom Kaminski IIS MVP
> http://www.iistoolshed.com/ - tools, scripts, and utilities for running
IIS
> http://mvp.support.microsoft.com/
> http://www.microsoft.com/windowsserver2003/community/centers/iis/
>
>
>

Relevant Pages

  • Re: HELP PLEASE The request failed with HTTP status 401: Access Denied.
    ... Web Security: Part 2: Introducing the Web Application Manager, Client ... Authentication Options, and Process Isolation ... It introduces the Web Application Manager in IIS that ... logon session, which is dangerous. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Can no longer access ActiveSync
    ... OMA and Exchange/Exchange-OMA virtual directory. ... Please verify Authentication settings by the following steps. ... Open IIS Manager ... issue may be caused by the Exchange attribute of original user account. ...
    (microsoft.public.exchange.admin)
  • Re: Locked User Accounts On IIS 5.0
    ... > Having my own authentication check would involve other security issues. ... > think I'd take advantage of the built IIS one. ... which queries the security event log with a WMI ... >> Bernard Cheah ...
    (microsoft.public.inetserver.iis.security)
  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... I didn't realise the Web Sites folder in IIS manager threw up a global ... sure that Basic Authentication is allowed to function on your server. ... ACCOUNTNAME, this is the account that I am trying to grant access to: ... Account: COMPUTERNAME\ACCOUNTNAME Access type: FULL ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS / NTFS permissions
    ... > I'm using IIS 5.0 on Windows 2000 Server. ... >>Bernard Cheah ... >>Please respond to newsgroups only ... ... >>> Further, if I enable anonymous authentication, IIS ...
    (microsoft.public.inetserver.iis.security)