Re: IIS and Integrated Windows Authentication

From: Viperlein (Viperlein_at_discussions.microsoft.com)
Date: 11/11/04 

Date: Thu, 11 Nov 2004 14:06:52 -0800

That's sure :))
Erm, yes, that's what other guys told me, too. It is in the local intranet
of our comapny and also added to the trusted ones. As I said, for most of the
people it works, but there are few which cannot access it, because of some
settings in their profile. And that is making me crazy :))

"Miha Pihler" wrote:

> Integrated Authentication works only for sites that are located in Local
> Intranet zone in IE (if you think logically, why would browser send your
> credentials to just any site on the _internet_ that would request them ;-)
> ....). This would be default be e.g. http://site/ but not
> http://site.domain.com or http://10.10.10.10 (where 10.10.10.10 is IP of
> site.domain.com). If you add http://site.domain.com to your Local Intranet
> Zone your browser will then use IA for when client accesses this site.
>
> You can centrally manage IE Zones using group policy and Active Directory.
>
> Mike
>
> "Viperlein" <Viperlein@discussions.microsoft.com> wrote in message
> news:1B2F0B06-EF5F-482B-B44D-E8DBB20DCB11@microsoft.com...
> > Hmmm, thanks.
> >
> > But why does this not happen to ALL people, but only a few with their
> > certain profile.
> > How can this be profile related ? In the company each one has the same
> > installation and updates. Some have more software than others. But in the
> > end, the browser configuration is the same to all.
> > I thought if I activate "Integrated WIndows Authentication", the login of
> > the user is used automatically and all the rights for drives and so on are
> > taken from the Active Directory, as it is for all who do not get the error
> > ?
> >
> > "Miha Pihler" wrote:
> >
> >> Hi,
> >>
> >> You will always get authentication failed on a website that is not
> >> accessible anonymously. This is "caused" by web browser (any of them)
> >> trying
> >> to access site anonymously (browser can't know beforehand that site is
> >> protected). Once the site returns "authentication failed" it will return
> >> list of authentication options that it will support (e.g. IA, Basic,
> >> ...).
> >>
> >> INFO: How IIS Authenticates Browser Clients
> >> http://support.microsoft.com/default.aspx?scid=kb;en-us;264921
> >>
> >> Mike
> >>
> >> "Viperlein" <Viperlein@discussions.microsoft.com> wrote in message
> >> news:6BC95DC9-1E4F-4DCE-B6DE-CE2B17CA9DF3@microsoft.com...
> >> > Hello @ll :)
> >> >
> >> > We have a problem with our ASP.NET application and the IIS in our
> >> > company:
> >> >
> >> > As soon as you disable the "Anonymous access" and use the integrated
> >> > Windows
> >> > Authentication, some users (it is only XP-profile dependant, not PC
> >> > dependant
> >> > !) receive a "Bad Request" when calling the startpage. If you look
> >> > closely
> >> > at
> >> > the communication with a sniffer, there you see an "authentication
> >> > failed"
> >> > error before receiving the "Bad request" one.
> >> >
> >> > I also made a simple ASP.NET page with an asp-button on it without any
> >> > functionality and the same settings for the IIS. And guess what ????
> >> > The error also appears !
> >> >
> >> > So no problem with our program.
> >> >
> >> > We have no idea what to do any further ............
> >> > Any ideas would be welcome !
> >> >
> >> > Thank you all for your support !
> >> >
> >> > Christian
> >>
> >>
> >>
>
>
>

Relevant Pages

  • Re: Kerberos
    ... IE thinks that the site is in the Local Intranet zone. ... the browser window is closed ... credentials to a server without prompting the user. ...
    (microsoft.public.inetserver.iis.security)
  • Re: WSS 3.0 prompting for authentication on Vista clients
    ... Sadly, my previously posted solution (configure your Sharepoint server in the "Local intranet" Zone, AND disable protected mode) ceased working after a day in production, so I guess my pride at being placed in the WSS FAQ was premature. ... Even if the previously posted solution did work, I think that a permanent Information Bar pop-up in IE which advises users on managed computers that their IE settings are making their computer vulnerable is a bad thing. ... Mike Walsh wrote: ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: cant get on gaming zone.com
    ... > I have been playing on games now for several months. ... Delete Zone.exe and Zclient.exe then reenter the Zone. ... Some browsers/news readers mistakenly show the download as text. ... looks like gibberish at the bottom of the post or browser. ...
    (microsoft.public.games.zone)
  • Re: Alert trojan ITBar, Pugi.PugiObj.1, Ysb. Obj, from 217.170.4.137 What to do ?
    ... >Funny, that, Art. ... use a decent browser. ... >you say to use another browser to stop ads. ... >added to Restricted or Trusted Zone with two clicks. ...
    (alt.comp.anti-virus)
  • Re: I cant get past backgammon rooms,missing files?
    ... messages saying failed to download http://fdl.msn.com/zone/datafiles/cardboard.za_. ... and then zset was started,but rejected the component data.Please verify that zone installation is valid.-then i seen something like zone needs to update,receiving old stored files from my Isp,they need to update the files.--so where or how do i go about this.? ... This depends on the browser and whether you were emailed the attachment or you clicked a link to it. ... Your isp -may- need to purge the outdated Zone files from their cache. ...
    (microsoft.public.games.zone)