Re: Digest Authentication on Win2003

From: Clementius (anonymous_at_discussions.microsoft.com)
Date: 06/22/04

  • Next message: Ken Schaefer: "Re: Digest Authentication on Win2003" 
    Date: Mon, 21 Jun 2004 18:45:12 -0500

    From
    http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_SEC_9.mspx :
    "Digest authentication. This authentication method operates much like Basic
    authentication, except that passwords are sent across the network as a hash
    value for additional security. Digest authentication is available only on
    domains with domain controllers running Windows server operating systems."
    Does someone have input about the previous requirements and whether digest
    authentication requires the IIS server to be a domain controller? Thank you.
    C

    "Clementius" <anonymous@discussions.microsoft.com> wrote in message
    news:O%23KFpg%23VEHA.2288@TK2MSFTNGP10.phx.gbl...
    > I read on Win2000mag that Digest Authentication requires IIS 5.0 to run on
    a
    > domain controller. Is this true with IIS 6.0 and Windows 2003? Thank you.
    C
    >
    > "Clementius" <anonymous@discussions.microsoft.com> wrote in message
    > news:O%237vlU%23VEHA.3696@TK2MSFTNGP10.phx.gbl...
    > > Hi,
    > > We are trying to use Digest Authentication on IIS 6.0. The IIS server is
    > in
    > > a dmz. The home directory for the default web site points to a share
    > located
    > > on another Win2003 server residing inside the network. We opened the
    > > required ports inbound on the firewall and were able to access the share
    > > drive from Windows Explorer on the IIS server. When going to IIS default
    > > page, we are prompted for a username and password (as expected). We
    cannot
    > > login using the administrator account or any other account. We get
    > prompted
    > > 3 times and finally get: HTTP Error 401.3 - Unauthorized: Access is
    denied
    > > due to an ACL set on the requested resource.
    > > The firewall log file does not show any denied traffic from IIS to the
    > > internal server.
    > > Any thoughts? Thanks for your help. C
    > >
    > >
    >
    >

  • Next message: Ken Schaefer: "Re: Digest Authentication on Win2003"

    Relevant Pages

    • Re: Digest Authentication on Win2003
      ... This authentication method operates much like Basic ... Digest authentication is available only on ... domains with domain controllers running Windows server operating systems." ... authentication requires the IIS server to be a domain controller? ...
      (microsoft.public.inetserver.iis)
    • Re: Digest Authentication on Win2003
      ... Digest Authentication requires that the user accounts are Domain accounts ... please get the free sample chapter from my IIS 6.0 ... authentication requires the IIS server to be a domain controller? ...
      (microsoft.public.inetserver.iis)
    • Re: Digest Authentication on Win2003
      ... Digest Authentication requires that the user accounts are Domain accounts ... please get the free sample chapter from my IIS 6.0 ... authentication requires the IIS server to be a domain controller? ...
      (microsoft.public.inetserver.iis.security)
    • Re: [Full-disclosure] CallManager and OpeSer toll fraud and authentication forward attack
      ... Digest authentication, ... SIP toll fraud and authentication forward attack ... RS> The tested systems do not associate a Digest authentication to a dialog ... RS> This vulnerability was identified by the Madynes research team at INRIA ...
      (Full-Disclosure)
    • Re: WebDAV problem with digest authentication behind firewall
      ... > Only a confirmation of what I see (except of the WebDAV Miniredir?)> ... >> Bernard Cheah ... >>> On my website I only use digest authentication, all other auhentication>> methods are disabled and it's working good now. ...
      (microsoft.public.inetserver.iis)