Re: Integrated authentication across domains



Let's assume these domains are in one forest.
The IIS machine needs to be able to contact the domain controllers
of the account domain in order to authenticate the requestor.
Are you leveraging the Windows security event log to help you
see what is (not) happening?

<jonas.berling@xxxxxxxxx> wrote in message
news:1194556583.948283.53070@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi!

Our intranet is running IIS6 on Win2k3 and is using Windows Integrated
Authentication without SSL. It is working perfectly as long as the
users are on the same domain as the server.

The company has opened a new office abroad and staff from this office
are on a different domain. We would now want them to be able to access
our intranet over some leased lines and we have opened up the
firewalls accordingly. The users abroad are running IE6 and their IT
admin has set our domain into their browser's intranet zone.

The users can contact the server and are prompted for their login and
password and that's how it should be. They enter <Domain>\Login and
their password and press enter. The strange thing is that now nothing
more happens. The browsers appear to be loading some data but nothing
appears on the screen, it just stays white. There is no error message
and there is nothing in netiher the servers event log nor its web
server log and it just stays like this "forever". The user's browser
says "intranet" in the bottom right corner, so it appears to got that
one straight.

What could be the problem? Do we have to use SSL? Could it be some
strange setup in the firewalls - the web server is on port 80 and that
is what is opened in the firewalls. Suggestions, anyone?


Regards,

Jonas



.



Relevant Pages

  • Re: Integrated authentication across domains
    ... Our intranet is running IIS6 on Win2k3 and is using Windows Integrated ... users are on the same domain as the server. ... firewalls accordingly. ...
    (microsoft.public.inetserver.iis.security)
  • Re: What are the best general things to do after a dirty shutdown (Server SBS)
    ... Microsoft Windows Small Business Server 2003 Best Practices Analyzer ... After that, please post any event log errors, just the EventID# and Source names, not the whole error message. ... error 15100 Win32 Error 15100. ... One is indicating it can't retrieve info about the System log. ...
    (microsoft.public.windows.server.sbs)
  • Re: What are the best general things to do after a dirty shutdown (Server SBS)
    ... test network connectivity to local domain controllers. ... Directory Server Diagnosis ... Verifying that the local machine ALPHA, ... The File Replication Service Event log test ...
    (microsoft.public.windows.server.sbs)
  • Re: What are the best general things to do after a dirty shutdown (Server SBS)
    ... Microsoft Windows Small Business Server 2003 Best Practices Analyzer ... After that, please post any event log errors, just the EventID# and Source names, not the whole error message. ... (Event String (event log = Directory Service) ...
    (microsoft.public.windows.server.sbs)
  • Re: Server2003 2008 error !!
    ... Remove the x.x.1.x form the NIC of the DCs and configure it as a FORWARDER or use directly the ISPs DNS server as Forwarders in the DNS server properties in the DNS management console. ... On the 2008 make sure the internal firewall is not blocking AD replication, by default the firewall is enabled ion 2008. ... The event log File Replication Service on server ... EventID: 0x000003EE ...
    (microsoft.public.windows.server.active_directory)