Re: Windows XPx64 does not require user authenication against Shar

Roger,

Sorry I didn't answer your other points,

So, if a machine local account logs into an x64 XP it gets prompted
when attempting access to any of those Sharepoint webs, but if ANY
domain account logs in then it can access ANY of the Sharepoint webs
even though some of them are restricted so they should not allow that
domain account. Correct summary?

Yes this is correct, however without changing the settings that I discribed in my first reply, they don't get prompted, they have full access and that is not a good thing at all. All they have to do is be a member of the Domain within where the Sharepoint sites reside and they get access, period, to both Top level portals and sub sites they are not setup in.<<

To prevent those who will never have a need to access these site I have gone
one step further, I have placed the Sharepoint URLS within a Restricted Zone,
and have set the User Authenication/Logon to "Anonymous logon". This thoughs
then into a You are not authorized page since the SS portals deny this type
of logon.


"Roger Abell [MVP]" wrote:

"StanP" <sep@xxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:044BB026-22C1-4F22-AE63-0EF30D421CC8@xxxxxxxxxxxxxxxx
I have a mixed environment with x86 and x64 XP systems. All have the
updates
required and most access Sharepoint 2003 portals. Anonymous Access is not
allowed, Windows Authentication is required, however have found that none
of
the x64 clients are prompted for user credentials (DOMAIN\username and
password) while all x86 clients are. All are required to login to the
domain
to gain access, but after that the x64 clients do not need to re-validate
to
gain access to the Sharepoint sites, even if they are not setup as vaild
users to those sites.

Any and all ideas as to how to prevent this would be very very much
appreciated.


Well, I thought I had a likely cause, until I got to your statement
even if they are not setup as vaild users to those sites
I was thinking to explain this by differences in the Internet options
security settings and/or zone recognition differences between the
machines, specifically as those impact whether Windows authentication
is allowed in the IE settings.

So, if a machine local account logs into an x64 XP it gets prompted
when attempting access to any of those Sharepoint webs, but if ANY
domain account logs in then it can access ANY of the Sharepoint webs
even though some of them are restricted so they should not allow that
domain account. Correct summary?

If only specific domain accounts show this, while logged in as one,
have you checked for cached network credentials ? in the properties
of the account in control panel ?

Roger



.