RE: Windows Authentication on iis new website not working (fine on
- From: Laurent Bertin <LaurentBertin@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 9 Mar 2006 02:56:34 -0800
Got something which looks like the same...
if your not with SP1 maybe is this article usefull
http://support.microsoft.com/?scid=kb;en-us;832911&spid=2097&sid=global
in my case if i try using Domain\user (normally it shouldn't be prompted...)
it will always fail; if i try user@domain making it multiple times it
sometimes passes. (multiple refresh and alway writing exactly same values
for user/pass)
"Nick Clark" wrote:
If you're being met with an authentication window then it's definitely IIS.
and nothing else. Port numbers have nothing with authentication - just where
the web request is sent/picked up. File level security would give you the
access denied or ACL error if those were not right.
Is the server a MS or a SA server? Do users have the proper access
permissions/rights to that machine your web runs on? There's some variables
here!
Something somewhere isn't right with the web site's own
authentication/directory security settings. If authentication baffles you
then you're in for the long haul. Understanding that will keep you from
allow malicious activity on your site(s). Dig thru the following to
troubleshoot the auth issue.
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/f66f23a1-e2ec-4c7b-8023-159f4f7991cc.mspx
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/993a8a36-5761-448f-889e-9ae58d072c09.mspx
http://www.iisfaq.com/
http://www.iisanswers.com/
"pdbaker@xxxxxxxxxxx" wrote:
I'd be really grateful for some help on this one...I'm really not a
security whiz though so please don't baffle me :o)
Trying to move the contents on the default website onto a new website
on the same IIS server but using a different port number (81 instead of
80).
Scenario:
Full IIS (on 2003 server) running on a domain network.
Created a new website (IIS --> Add website), in addition to the default
web site.
Both default and new site set to use windows authentication. Copied the
wwwroot folder inside inetpub and renamed to projectroot (left it in
inetpub). Copied all the ntfs permissions across to the projectroot
folder. default website home directory is still wwwroot. new website
home directory is projectroot.
Accessing both sites (pmsweb01:80 and pmsweb01:81) from the local
server itself works fine (integrated authentication ok).
But from elsewhere on the network, the new site (pmsweb01:81) is met
with an authentication challenge. Entering a valid username and
password into this challenge is rejected.
I've ruled out the following:
Not the different port number - changed default website to run on port
82 and no problem.
Not the ntfs permissions on the folder - changed the home directory of
default website to point to projectroot and it works fine.
Got baffled by all the kerebos/ntlm authentication stuff, found a page
on Microsoft suggesting I force IIS to use ntlm
authentication...followed the suggestions to edit the iis metabase but
found that authenticationproviders already set to NTLM
(see
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx)
Found a suggestion that it might be to do with Server 2003 SP1 and
LoopBack checking so disabled that...no good.
(see http://support.microsoft.com/?kbid=896861)
Any thoughts/suggestions very gratefully received.
- Prev by Date: RE: Install SSL on Default Website Affects Other websites???
- Next by Date: Re: SSL Performance problems when migrating to IIS6
- Previous by thread: Re: no client-answer on challenge-msg (type2)
- Next by thread: Re: SSL Performance problems when migrating to IIS6
- Index(es):
Relevant Pages
|
