Re: Weird Behaviour Accessing MS CA Web Site
- From: "Roger Abell [MVP]" <mvpnospam@xxxxxxx>
- Date: Mon, 4 Aug 2008 23:37:36 -0700
"Hilding" <Hilding.Peterson@xxxxxxxxx> wrote in message
news:7803079f-32f4-4396-8664-aaac4193edb7@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I'm accessing the Certsrv pages from a Windows XP client, the CA is
Win2K3 Enterprise. If I access it using FQDN or NETBIOS I get a basic
challenge - and even with the correct credentials I can't logon (after
clicking OK in the basic prompt it just re-appears again). If I
access it using IP-Address, I get a basic challenge and I can access
the site.
Strange thing is, I've tried adding FQDN and NETBIOS into intranet
zone, but it doesn't change the behaviour; using the IP address relies
on the Internet zone.
On the CA itself, I can access certsrv using NETBIOS or IP address,
entering FQDN gives me a basic prompt and the same problem described
above.
I originally had the problems on IE6, so I upgraded to IE7 but the
problems are exactly the same.
Anyone had any similar problems with certsrv? Any ideas?
When you use IP you are forcing that Kerberos not be used.
Perhaps NTLM authentication is successful but when accessing other
than by IP Kerberos is result from the auth negotiation but then the login
via Kerberos is failing. Have you examined the security event log if it
is configured to record login failures?
.
- References:
- Weird Behaviour Accessing MS CA Web Site
- From: Hilding
- Weird Behaviour Accessing MS CA Web Site
- Prev by Date: Re: File Security
- Next by Date: Re: File Security
- Previous by thread: Re: Weird Behaviour Accessing MS CA Web Site
- Next by thread: Re: File Security
- Index(es):
Relevant Pages
|
