Re: Certsrv Page not authenticating with IE

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 10/26/05

Next message: Ken Schaefer: "Re: Code runs until Basic Authentication or Digest Authentication is r"
Previous message: David Wang [Msft]: "Re: My web forms will not allow users to submit."
In reply to: BCW: "Certsrv Page not authenticating with IE"
Next in thread: BCW: "Re: Certsrv Page not authenticating with IE"
Reply: BCW: "Re: Certsrv Page not authenticating with IE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 26 Oct 2005 12:27:05 +1000

The first request should be anonymous, then you should be prompted for
credentials (or IE send them automagically, depending on your IE settings).

Can you post the corresponding IIS logfile entries for the requests in
question? (when you have IWA enabled?)

Cheers
Ken

"BCW" <nospam@cfl.rr.com> wrote in message
news:%23Hq63pb2FHA.2364@TK2MSFTNGP12.phx.gbl...
:I have an XP Pro client with a user logging on who is in the Domain Admins
: group. There is only one DC, server01 in tailspintoys.com. The DC is
also
: a certificate server and Exchange server for coursework. When I try to
get
: a certificate at http://server01/certsrv my authentication fails using
: windows integrated authentication. If I enable anonymouse authentication
I
: can access the site, but the registration request will not complete. I
: captured packets with ethereal and it shows that my userid is not being
: sent with the request:
:
: Microsoft Windows Logon Protocol (Old)
: Command: SAM LOGON request from client (0x12)
: Request count: 0
: Unicode Computer Name: WINXP-2-7
: User Name:
: Mailslot Name: \MAILSLOT\NET\GETDC501
:
: The authentication is apparently failing at this point because there is no
: User Name. The following message back from the server is:
:
: SAM Active Directory Response - user unknown
:
: which makes sense. How should I troubleshoot this?
:

Next message: Ken Schaefer: "Re: Code runs until Basic Authentication or Digest Authentication is r"
Previous message: David Wang [Msft]: "Re: My web forms will not allow users to submit."
In reply to: BCW: "Certsrv Page not authenticating with IE"
Next in thread: BCW: "Re: Certsrv Page not authenticating with IE"
Reply: BCW: "Re: Certsrv Page not authenticating with IE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[REVS] NTLM HTTP Authentication is Insecure By Design
... in front of a web server, and that proxy server shares a single TCP ... These are attacks that make use of non-RFC HTTP requests (HTTP Request ... the authentication is associated with the ...
(Securiteam)
Re: EAP-TLS with windows CE
... The AP was sending out an Identity Request every second, ... request to the identification server. ... When the server asks the Windows CE device to identify itself, ... I could easily steal your authentication information. ...
(microsoft.public.windowsce.platbuilder)
Re: Strange Digest Authentication behaviour
... That's the way the http stack does authentication. ... After the first request ... The IIS web server on the midtier is setup to use Digest ... > - First request to server is given 401 Access Denied message with nonce ...
(microsoft.public.inetserver.iis.security)
Re: Wireless Radius Clients
... forwards requests to the Authentication Server? ... router and not a AP however it does have the Radius selection under ... Access request for user stevef@xxxxxxxxxxxxx was discarded. ...
(microsoft.public.windows.server.networking)
Re: Is NTLM Authentication very expensive? (for bandwidth)
... request cause it has to do the challenge response, ... >> permissions and just using Integrated Authentication ... >> the server twice every time, once as anymous and once as ... because there are in total 57 failed anymous HTTP ...
(microsoft.public.inetserver.iis.security)