Re: NTLM Authentication on IIS 6.0

kaverorzi@xxxxxxxxx wrote:
I have an Intranet site set up on IIS 6.0 and have an intermitten
problem. A couple of areas on the Intranet are restricted. We have
Windows Intergrated Authentication enabled on the couple of pages that
require access. I have a security group set up with only the users who
require access and the group has full control. No other account has
access. The problem happens to everyone in the security group.
Sometimes a user can go for two weeks without being prompted for
username/password and sometimes it happens two or three times a day.
When I click the link and am prompted, I use my userid/password and
authentacation fails. I use the administrator un/pw and that fails.
Other users use their logons and fails also. Now everytime I am
prompted and use the local administrator username/password for that
server, it works everytime. I know that NtAuthenticationProviders is
set to Negotiate,NTLM since that is supposed to be the default, and I
never changed it. The following is logged to the security log when
unable to access the intranet page:
11/7/2006 4:32:35 PM Security Failure Audit Account Logon 680 NT
AUTHORITY\SYSTEM FEC-2KNT4 "Logon attempt
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: administrator
Source Workstation: IT_OPERATOR
Error Code: 0xC000006A

The 529 event it also will show up but that is the usual logon failure
I often see returned for all kinds of authentacition problems.

I can't seem to be able to figure out what I have configured wrong and
why it is intermitten. If it failed every single time this wouldn't
seem as strange to me. Any suggestions would be greatly appreciated.

Thanks!

Rick

I think I left out something that may be important. The web server is
running under a local account. That hasn't been a problem so far. I can
access the shared folders on that server no problem from the other
servers and workstations. Normal Intranet pages work fine also. Of
course when I am on the web server and want to access another server I
must supply some credentials. Could not having that server run under a
domain account be causing the problem intermittently? From my
understanding it shouldn't matter but I have been wrong before.

Thanks!

Rick

.

Relevant Pages

  • Re: Constant Password Authentication
    ... domain and server name in the URL. ... confirm that the same authentication methods are checkmarked as compared to ... Within our organisation there are staff who are ... > Up until recently a company that has had access to our intranet had been ...
    (microsoft.public.inetserver.iis.security)
  • RE: Windows authentication from ASP.NET to SQL Server
    ... The easiest way is to turn off anonymous access for the Intranet site. ... will force authentication, usually through a login box (although the network ... > intranet server and our database server, both of which are on our local ... > Successful Network Logon: ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Web App Security and MSIE Settings
    ... "Intranet users" group have read access to the virtual directory. ... We access the server using the netbios name, ... >> In an AD mixed mode environment, MSIE clients running on WinXP have ... >> random authentication dialogs. ...
    (microsoft.public.dotnet.security)
  • Re: [ISA 2004] Probleme mit WUS
    ... Synchronisation Fails dues to Authentication Failure ... WUS fails to download content into D drive. ... remote server. ... If you are using ISA server, then enable Digest Authentication on the ISA ...
    (microsoft.public.de.german.isaserver)
  • Re: User NT Authentication
    ... intranet environment but certain security guideline need ... >> authentication token to ensure that the user has logged ... >> environment variable on the server ... >Windows Integrated authentication if you're on an ...
    (microsoft.public.inetserver.iis.security)