Re: Integrated authentication across domains

Let's assume these domains are in one forest.
The IIS machine needs to be able to contact the domain controllers
of the account domain in order to authenticate the requestor.
Are you leveraging the Windows security event log to help you
see what is (not) happening?

<jonas.berling@xxxxxxxxx> wrote in message

Our intranet is running IIS6 on Win2k3 and is using Windows Integrated
Authentication without SSL. It is working perfectly as long as the
users are on the same domain as the server.

The company has opened a new office abroad and staff from this office
are on a different domain. We would now want them to be able to access
our intranet over some leased lines and we have opened up the
firewalls accordingly. The users abroad are running IE6 and their IT
admin has set our domain into their browser's intranet zone.

The users can contact the server and are prompted for their login and
password and that's how it should be. They enter <Domain>\Login and
their password and press enter. The strange thing is that now nothing
more happens. The browsers appear to be loading some data but nothing
appears on the screen, it just stays white. There is no error message
and there is nothing in netiher the servers event log nor its web
server log and it just stays like this "forever". The user's browser
says "intranet" in the bottom right corner, so it appears to got that
one straight.

What could be the problem? Do we have to use SSL? Could it be some
strange setup in the firewalls - the web server is on port 80 and that
is what is opened in the firewalls. Suggestions, anyone?