IIS 6 and Kerberos Authentication
From: Alex Sorcinelli (asorcinelli_at_itconsult.it)
Date: 06/17/05
- Next message: Tom Kaminski [MVP]: "Re: Windows Integrated Authentication on standalone server"
- Previous message: Bernard Cheah [MVP]: "Re: 401.3 on IIS after SP1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 Jun 2005 08:54:19 +0200
Hello,
i try to set-up kerberos delegation in a Windows 2003 server with IIS 6.0.
I have a web service installed in the default web site and it call another
application installed in another server. The credentials of the user that
call the web service need to be passed to the second application.
I read all the Microsoft documents about delegation but i still have the
problem. This is my situation:
- IIS 6 is running with Local System.
- For the default web site i have setup the NTAuthenticationProviders with
"Negotiate,NTLM"
- In AD i set the check Trusted for delegation
- The web service use Impersonate, and i Windows authentication.
When i call the web service i see on the event viewer that the user connect
with the kerberos protocol, but then in the second machine i see that is the
anonymous user that try to authenticate.
I use kerbtray utility to see the tickets in the first machine and i don't
see a kerberos ticket for the second machine.
Any suggestions? Do i need to setup IIS 6 in a different way?
Thanks, Alex
P.S. Sorry if this isn't the right newsgroup, but i think that the problem
can be IIS 6 and not AD or other components.
- Next message: Tom Kaminski [MVP]: "Re: Windows Integrated Authentication on standalone server"
- Previous message: Bernard Cheah [MVP]: "Re: 401.3 on IIS after SP1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
