Help Required: Digest Authentication and Trusted environment

From: Anshuk Jain (virarlocal_at_yahoo.com)
Date: 06/20/04

Next message: danielle: "Re: Help please to authenticate Windows users"
Previous message: kfrank: "vpn"
Next in thread: Ken Schaefer: "Re: Help Required: Digest Authentication and Trusted environment"
Reply: Ken Schaefer: "Re: Help Required: Digest Authentication and Trusted environment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 20 Jun 2004 10:23:42 -0700

Scenario:
There are 2 servers.
server1.domain1.microsoft.com and server2.domain2.microsoft.com.

There are 2 users.
domain1\user1 and domain2\user2

I need to provide Digest Authentication at both the servers. Both the
servers are Windows 2003 Server. Users have a valid Windows user
account stored in Active Directory® on the domain controller.

Problem:

In server1.domain1.microsoft.com, only user1 is getting authenticated
while in server2.domain2.microsoft.com, only user2 is getting
authenticated. I am checking this by trying to access an html file in
a virtual directory at both the servers.

What should I do so that user2 also gets authenticated in
server1.domain1.microsoft.com and similarly user1 also gets
authenticated in server2.domain2.microsoft.com?

What settings need to be enabled so that the above is possible?

Also server1.domain1.microsoft.com allows both user1 and user2 to be
added in its local group. But server2.domain2.microsoft.com allows
only user2 to be added in its local group

My Knowledge:
The requirements as identified by Digest Authentication are:

The user and the server running IIS must be members of, or be trusted
by, the same domain.
An authenticating domain controller and the server that is running IIS
must exist in a trusted environment.

How should I create this trusting relationship between 2 domains?

Regards,
Anshuk Jain

Next message: danielle: "Re: Help please to authenticate Windows users"
Previous message: kfrank: "vpn"
Next in thread: Ken Schaefer: "Re: Help Required: Digest Authentication and Trusted environment"
Reply: Ken Schaefer: "Re: Help Required: Digest Authentication and Trusted environment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Digest Authentication on Win2003
... Digest Authentication requires that the user accounts are Domain accounts ... please get the free sample chapter from my IIS 6.0 ... authentication requires the IIS server to be a domain controller? ...
(microsoft.public.inetserver.iis)
Re: Digest Authentication on Win2003
... Digest Authentication requires that the user accounts are Domain accounts ... please get the free sample chapter from my IIS 6.0 ... authentication requires the IIS server to be a domain controller? ...
(microsoft.public.inetserver.iis.security)
Re: OT - Anyone here use SBC DSL with Free Agent?
... I've gotten many "authentication required" msgs as well as ... requiring authentication for use of its news servers. ...
(rec.roller-coaster)
Re: Authenticating mixed clients for Internet Access
... user authentication with samba PDC. ... look into the winbind suite of samba and give some ACL ... but it is the Internet access control ... > Linux and NT servers. ...
(Security-Basics)
Re: authenticating users from different domains
... the concept of RADIUS servers ... you have several independent authentication networks. ...
(microsoft.public.windows.server.security)