Hi All

Is there a way that a user can logon to a webserver by just giving their
username and not Domian\username or username@domain

We have a Web Server on IIS when users are prompted for their passwords we
would like them just to enter thier username and password  would this be
possible in IIS

wayne

It is all possible on IIS. The question is what authentication
protocol and identity provider you want to use.

If you plan to use the ones built into Windows, then you will have to
use Domain\username or usern***@domain.com (assuming your UPN Domain
name = Domain name). That is the only secure approach.

Basic Authentication protocol is insecure and allows the Web Server to
prepend "Domain" when performing logons, thus allows you to provide
just username -- but only within one domain -- if you have >1 domain,
this approach won't work.

All other secured authentication protocols require username and
domain.

Custom Authentication Protocols in the form of 3rd party Addons can
allow just username, but you'll have to purchase/find them yourself.

My personal opinion is that users get used to username@domain because
that's how most popular and secure authentication protocols work. You
do a dis-service by trying to simply to a plain username.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//

IIS 6 Integrated Security....risks??
IIS6 - URLScan and MaxQueryString
Kerberos Configured, but occasionally users login using NTLM
The 'Source' permission for WebDAV in IIS 7.0
IIS6 auth. problem
Authentication againts ADS
URLScan a single site?
SQL injection attempt
IIS 6 <domain>\<user> vs <user>@<domain>
IIS6, mulitple Versign Certificates and Host Headers