Re: IIS to IIS using kerberos and non-standard web port

can you provide a complete list of all SPNs that were originally registered, and that you have now added? Your can use ldifde.exe to query AD

If you have created duplicate SPNs, it won't work.

Cheers
Ken

"Pom" <Pom@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:962ACC05-2278-4401-88E2-F7EFD3DE81EC@xxxxxxxxxxxxxxxx
Yes I tried 8080.

I Have an aspx program on machine a calling a web method on machine b

"Ken Schaefer" wrote:

IIS itself doesn't use any particular library - that is dependant on your
calling code (e.g. whether it uses WinInet or some other library)

When you created the SPN for the backend server, did you specift
http/servername:8080 for your SPN?

Cheers
Ken


"Pom" <Pom@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CA1D3836-C881-4896-8560-221EC269A28B@xxxxxxxxxxxxxxxx
>I have implemented kerberos in 3 tiers environnmnet where IIS 6.0 access >a
> web services on a separate IIS server. I have properly setup all my > SPNs,
> service account etc.. and it work fine. My problem is I have a > requirement
> to
> run my webservices server on 8080 web port. I try every combination and > I
> can't make it success full. It work if I ran my front-end on 8080 but > not
> the
> back-end. I found the following article:
> http://support.microsoft.com/kb/908209/ mentionning that IE:
>
> "the Wininet.dll file does not pass the port number of the target Web > site
> when it calls the InitializeSecurityContext function to build the > Kerberos
> ticket. This prevents Internet Explorer 6 from using the Kerberos > protocol
> to
> connect to multiple Web sites that run on different ports under > different
> identities. "
>
> Is IIS doing the same thing as IE when an IIS server contact another > IIS
> server on a non-standard port?



.

Relevant Pages

  • Re: Question on IIS servers and reverse lookup ... found answer
    ... netbios over TCP/IP on the interface your web server uses to talk to the ... There's a huge list of steps to take to secure an IIS ... logs) in addition to the low-level packet capture. ... packet is being sent to that UDP:137 port. ...
    (Focus-Microsoft)
  • Re: HttpHandler not working
    ... !>have anything to do with the non default port that I am using?? ... The 404 Page not found error from IIS is typical error message for permission problems. ... But when I run it from our web app server (Windows Server 2003-R2, ... and automatically has read rights to the datafeed directory in your development box.. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Can I run an Internet web server from a Win2K computer?
    ... You can deffinately run an internet website from IIS on Windows 2000 Pro., ... Be aware though, that there can be no more than 10 simultaneous connections, but for your homegrown website, I would think that this is not a problem. ... You will have to set up your broadband router to forward incoming HTTP connections on port 80 to the computer hosting the website ... I'm trying to use the web server that comes with Windows 2000 ...
    (microsoft.public.win2000.general)
  • Re: ISA2004 SP2: EventID 14148
    ... Please do not send email directly to this alias. ... is that it does work on Small Business Server ... IIS 6.0 and host headers. ... The Web Proxy filter failed to bind its socket to 218.188.188.188 port ...
    (microsoft.public.isa.configuration)
  • Re: Am I hacked? IIS dying, telnet localhost 443 gives: Hallo, Willkommen auf Compactzone Stro!
    ... miscreant has remote access to the box with admin rights. ... I have a server running IIS and I ... When I try to telnet the server using port 443 I get the same ...
    (microsoft.public.inetserver.iis.security)