1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Integrated Authentication

Discussion in 'Scripting & Programming' started by Phil, Nov 28, 2003.

  1. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Anybody know how to get Integrated Authentication to actually work under IIS ? If I set ntfs permissions on the website folders and set integrated authentication in ISM I get a 401.2 authentication error. I've tried adding the www-authentication header to the site but it makes no difference.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  2. Azuziel

    Azuziel Bit Poster

    17
    0
    4
    Set the website to runas a non-privied user. Give that user modify to the directory structure. Leave integrated checked. All I've found this really does, is have the OS authenticate, instead of IIS.
     
  3. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Thanks for the advice Azuziel, where are you talking about setting the website to run as the non-priv user ? I set up a test environment today in vmware and managed to get it to work which is most confusing, I took all the same steps at work yesterday but got nowhere. The key step in my test environment was adding the server to the local intranet on the client machine, I did this time and again at work but only got a 401.2 it was like the browser wasn't accepting the the website was in the local intranet even though the zone in the browser window showed as Local Intranet. If I enabled Digest authentication the site quite happily triggered the login box. The only real differences in the environments were the version of ie, 5.5 at work and 5.0 at home and service packs. Do you think IIS lockdown would affect the authentication the server accepted ?
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  4. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    For anybody who's interested I've sussed it. The browser was going via the proxy to the website, even though it's an internal address. This was screwing up the integrated authentication. I added *.domain.co.uk to the proxy bypass list in internet options and hey presto it started behaving. Doh! talk about missing the obvious. :)
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  5. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    Is there not a tick box in the internet properties dialogue box that says "bypass Proxy for local addresses"
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  6. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Yes and it is ticked :) If you navigate to the site just using the computer name it goes direct and bypasses the proxy, if you give it the full domain name it ends up going via the proxy.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade

Share This Page

Loading...