Re: Basic Authentication domains don't work properly
From: 3ryon 5utherland (bryons_at_home.com)
Date: 03/30/04
- Next message: Chris De Herrera: "Re: Can't remember password"
- Previous message: Debbie: "IIS 6 Question re: FTP"
- In reply to: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Next in thread: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Reply: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Mar 2004 06:48:50 -0800
Thank you for your reply Ken, it certainly explains a lot (like why
this works fine for me in Mozilla Firefox, but not IE). Does anyone
know a way to make IWA assume that the user is trying to log into a
particular domain so that they don't have to specify a domain?
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message news:<Osh9NYfFEHA.4084@TK2MSFTNGP11.phx.gbl>...
> When the webserver says to the user "you need to authenticate", it lists a
> set of acceptable authentication mechanisms configured on the server, in
> order from the most prefered (the strongest/most secure) to the least
> prefered (the weakest/least secure).
>
> The browser picks the highest method that it supports.
>
> So, if the users are using Internet Explorer, then IWA (either Kerberos, or
> NTLM v2) will always be used instead of Basic. Only when you turn off IWA
> will Basic be used.
>
> Cheers
> Ken
>
> "3ryon 5utherland" <bryons@home.com> wrote in message
> news:b80974e7.0403291508.657b4ec6@posting.google.com...
> : Here is my setup:
> : Web Server is in DomainAD, which I want all users to authenticate
> : against when logging into the web site. Most users are logged into a
> : machine using DomainNT, with a few users logged into DomainAD (we're
> : in the early stages of an AD migration).
> :
> : I would like the web site to allow both Integrated Auth (for users who
> : are already in DomainAD), and Basic Auth (for users who are still
> : logged in to DomainNT). When I turn on Integrated and Basic (pointing
> : to DomainAD) the DomainAD people work great, but the DomainNT people
> : must type in DomainAD\Username for their login. Just typing in their
> : user name does not work, it seems to ignore the hard coded Domain
> : value. Most of these users won't be able to remember that.
> :
> : If I turn off Integrated Auth and just allow Basic Auth it uses the
> : value specified in the Domain field, but this causes issues with the
> : Search feature in Sharepoint, which is probably not an acceptable
> : solution. Is there some reason that Basic Auth ignores the domain
> : value it's pointed to when Integrated Auth is also enabled? Is there
> : a way to get around it?
- Next message: Chris De Herrera: "Re: Can't remember password"
- Previous message: Debbie: "IIS 6 Question re: FTP"
- In reply to: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Next in thread: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Reply: Ken Schaefer: "Re: Basic Authentication domains don't work properly"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
