Re: Newbie Windows Authentication, IIs and Intranet vs Internet users.

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 10/06/04 

Date: Wed, 6 Oct 2004 14:54:32 +1000

The easiest way to do this is to:

a) Change the IIS configuration to not allow "anonymous authentication", and
require some other kind of authentication instead (eg Basic, Integrated,
Digest). Read this for more information:
http://www.adopenstatic.com/resources/books/293_CYA_IIS6_05.pdf

b) Change your Application Programming Environment to use IIS'
authentication system. For ASP apps you don't need to do anything. For
ASP.NET apps, you can toggle Windows authentication on in your web.config
file. If you are using Cold Fusion or something else you may need to take
other steps.

Cheers
Ken

"Gramps" <simon_hooker@iprimus.com.au> wrote in message
news:uvLSId1qEHA.348@TK2MSFTNGP15.phx.gbl...
> Hi,
>
>
> My requirement is to verify that a Windows logged-on user is permitted to
> access a given intranet application hosted on IIS
>
> I am to write this Web app.
>
> 1) Is there a best practice approach to this?
> 2) Do user accounts get stored in Db of the new web app? If so, how is
> this affected by a user changing their Windows password?
>
> 3) I've read doco on authentication, anonymous etc and determined that if
> web application is accessed only from the company intranet then Windows
> Authentication seems possible and without storing account info locally to
> new web app.
> - Is this correct?
> - Can the web app be restricted to certain users rather than all valid
> windows accounts?
>
>
> 4) How does windows authentication fit with those users at home say, with
> a dial-up internet connection, trying to access the web app?
>
>
> Thanks.
>
>
>
>

Relevant Pages

  • Re: Windows Authentication method on IIS6
    ... The microsoft.public.windows.server.* groups deal with Windows 2003 ... The microsoft.public.inetserver.* groups deal with IIS ... > the authentication button, ... You can configure either one or multiple realm names on a server running IIS ...
    (microsoft.public.win2000.security)
  • Re: How to access Windows IIS User Info with Perl
    ... but the IIS server is configured for Windows ... allowed for Basic Authentication, Windows Authentication (or whatever ... Do you know if they are part of a standard ...
    (comp.lang.perl.misc)
  • Windows Authentication with IIS on separate machines
    ... Yes, setting Basic Authentication in IIS works, but the ... >in SQL server but doesn't work if user account was ... >imported from a Windows account. ...
    (microsoft.public.sqlserver.security)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... IIS Resource Guide). ... I next looked a little into Windows 2003. ... IMHO, the label on the option, "Enable Integrated Windows Authentication", ... the documentation leads one to ...
    (microsoft.public.windows.server.security)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... IIS Resource Guide). ... I next looked a little into Windows 2003. ... IMHO, the label on the option, "Enable Integrated Windows Authentication", ... the documentation leads one to ...
    (microsoft.public.inetserver.iis.security)