"Andy Wright" <A@bc.com> wrote in message
news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> I have an IIS 6 application on Windows 2003 SP1 configured to use
> integrated authentication. It runs in an application pool that is
> configured with a specific user name and password.
>
> If I connect to the web site using IE 6 hosted on a machine running NT 4
> everything works fine. When I request a page from the web site, the
> following request is logged:
>
> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\pplustester1 192.168.0.5
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
>
> However, if I log on as the same user (LOCH_NESS\pplustester1) on a
> machine running IE 6 hosted on Winndows XP, the system prompts me for user
> name and password credentials. After supplying the correct credentials I
> eventually get an HTTP 401.1 error. The request is logged at the server
> as:
>
> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
> 2 2148074254
>
> It seems that the user name authentication credentials aren't being passed
> on to the web server correctly.
>
> If I reconfigure the web site so that it runns in an application pool
> associated with the default Network Service identity then the request from
> the Windows XP machine works ok and is logged as:
>
> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\Administrator 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
> 0 0
>
> Does anyone know if there are any settings that need to be configured for
> IE6 when running on XP to fix it so that the credentials are passed on
> correctly - or is there something more subtle that I'm missing?
>
> Thanks,
>
> Andy Wright
>

"Andy Wright" <A@bc.com> wrote in message
news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> I have an IIS 6 application on Windows 2003 SP1 configured to use
> integrated authentication. It runs in an application pool that is
> configured with a specific user name and password.
>
> If I connect to the web site using IE 6 hosted on a machine running NT 4
> everything works fine. When I request a page from the web site, the
> following request is logged:
>
> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\pplustester1 192.168.0.5
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
>
> However, if I log on as the same user (LOCH_NESS\pplustester1) on a
> machine running IE 6 hosted on Winndows XP, the system prompts me for user
> name and password credentials. After supplying the correct credentials I
> eventually get an HTTP 401.1 error. The request is logged at the server
> as:
>
> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
> 2 2148074254
>
> It seems that the user name authentication credentials aren't being passed
> on to the web server correctly.
>
> If I reconfigure the web site so that it runns in an application pool
> associated with the default Network Service identity then the request from
> the Windows XP machine works ok and is logged as:
>
> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\Administrator 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
> 0 0
>
> Does anyone know if there are any settings that need to be configured for
> IE6 when running on XP to fix it so that the credentials are passed on
> correctly - or is there something more subtle that I'm missing?
>
> Thanks,
>
> Andy Wright
>

"David Wang [Msft]" <some***@online.microsoft.com> wrote in message
news:e5krHpmOFHA.2748@TK2MSFTNGP09.phx.gbl...
> Right now, your failure pattern it sounds a common misconfiguration where
> you have:
> 1. a customized Application Pool Identity
> 2. Only Integrated authentication is enabled
> 3. the server is in a domain
>
> http://64.233.187.104/search?q=cache:NIZib3_gx9sJ:www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/ca_cfgwrkridentity.asp&hl=en
>
>
>
>> If I reconfigure the web site so that it runns in an application
>> pool associated with the default Network Service identity
>> then the request from the Windows XP machine works
>> ok and is logged as:
>>
>> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm
>> - 80 LOCH_NESS\Administrator 192.168.0.127
>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
>> 304 0 0
>
> This has login of LOCH_NESS\Administrator, which is not the same as
> "LOCH_NESS\pplustester1" which you said you were testing with. Either you
> chose the wrong log entry or something else is running on the server and
> interfering.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> //
> "Bernard" <qbern***@hotmail.com.discuss> wrote in message
> news:uvNtTSbOFHA.2136@TK2MSFTNGP14.phx.gbl...
> Mmm..
> 401.2 - Logon failed due to server configuration.
> what authentication method you using ?
> is the NT4 and XP pro machine located in the same subnet and browse using
> the same URL ?
>
>>>
>> If I reconfigure the web site so that it runns in an application pool
>> associated with the default Network Service identity then the request
>> from
>> the Windows XP machine works ok and is logged as:
>
> what was the previous app pool identity ?
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
> "Andy Wright" <A@bc.com> wrote in message
> news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
>> Hi,
>>
>> I have an IIS 6 application on Windows 2003 SP1 configured to use
>> integrated authentication. It runs in an application pool that is
>> configured with a specific user name and password.
>>
>> If I connect to the web site using IE 6 hosted on a machine running NT 4
>> everything works fine. When I request a page from the web site, the
>> following request is logged:
>>
>> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
>> LOCH_NESS\pplustester1 192.168.0.5
>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
>>
>> However, if I log on as the same user (LOCH_NESS\pplustester1) on a
>> machine running IE 6 hosted on Winndows XP, the system prompts me for
>> user
>> name and password credentials. After supplying the correct credentials I
>> eventually get an HTTP 401.1 error. The request is logged at the server
>> as:
>>
>> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
>> 2 2148074254
>>
>> It seems that the user name authentication credentials aren't being
>> passed
>> on to the web server correctly.
>>
>> If I reconfigure the web site so that it runns in an application pool
>> associated with the default Network Service identity then the request
>> from
>> the Windows XP machine works ok and is logged as:
>>
>> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
>> LOCH_NESS\Administrator 192.168.0.127
>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
>> 0 0
>>
>> Does anyone know if there are any settings that need to be configured for
>> IE6 when running on XP to fix it so that the credentials are passed on
>> correctly - or is there something more subtle that I'm missing?
>>
>> Thanks,
>>
>> Andy Wright
>>
>
>
>

"Andy Wright" wrote:

> Thanks for the information David. The article that you provided the link to
> mentioned includes the following:
>
> ----------------
> Forcing NTLM
> In the following situations, Kerberos fails and you must force IIS to use
> NTLM authentication by setting the NTAuthenticationProviders metabase
> property to NTLM.
>
> 1) When you isolate Web sites on a virtual directory level by configuring
> worker process identities as different domain accounts, Kerberos fails.
>
> 2) If you are using Integrated Windows authentication, are not using a WINS
> or DNS name for the server running IIS, and you want to use a local user
> account or the LocalService account as a worker process identity, Kerberos
> authentication fails because Active Directory will not "trust" the accounts.
> --------------
>
> Because I had configured the application as in 1) above, Kerberos was
> failing. When I set the NTAuthenticationProviders metabase property to NTLM
> the problem was fixed. This seems to work ok when set at the virtual
> directory level and so needn't have an impact on other applications in the
> Web site.
>
> Do you know of any references that describe the likely consequences of
> setting this metabase property for an application and any workrounds or
> configuration options that are available for applications that need to rely
> on Kerberos features?
>
> I also tried setting the Application Pool Identity for the entire web site
> rather than at the Application/Virtual Directory level and that seems to
> work ok even when Kerberos is enabled (NTAuthenticationProviders metabase
> property set to Negotiate,NTLM).
>
>
> "David Wang [Msft]" <some***@online.microsoft.com> wrote in message
> news:e5krHpmOFHA.2748@TK2MSFTNGP09.phx.gbl...
> > Right now, your failure pattern it sounds a common misconfiguration where
> > you have:
> > 1. a customized Application Pool Identity
> > 2. Only Integrated authentication is enabled
> > 3. the server is in a domain
> >
> > http://64.233.187.104/search?q=cache:NIZib3_gx9sJ:www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/ca_cfgwrkridentity.asp&hl=en
> >
> >
> >
> >> If I reconfigure the web site so that it runns in an application
> >> pool associated with the default Network Service identity
> >> then the request from the Windows XP machine works
> >> ok and is logged as:
> >>
> >> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm
> >> - 80 LOCH_NESS\Administrator 192.168.0.127
> >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
> >> 304 0 0
> >
> > This has login of LOCH_NESS\Administrator, which is not the same as
> > "LOCH_NESS\pplustester1" which you said you were testing with. Either you
> > chose the wrong log entry or something else is running on the server and
> > interfering.
> >
> > --
> > //David
> > IIS
> > http://blogs.msdn.com/David.Wang
> > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > //
> > "Bernard" <qbern***@hotmail.com.discuss> wrote in message
> > news:uvNtTSbOFHA.2136@TK2MSFTNGP14.phx.gbl...
> > Mmm..
> > 401.2 - Logon failed due to server configuration.
> > what authentication method you using ?
> > is the NT4 and XP pro machine located in the same subnet and browse using
> > the same URL ?
> >
> >>>
> >> If I reconfigure the web site so that it runns in an application pool
> >> associated with the default Network Service identity then the request
> >> from
> >> the Windows XP machine works ok and is logged as:
> >
> > what was the previous app pool identity ?
> >
> > --
> > Regards,
> > Bernard Cheah
> > http://www.tryiis.com/
> > http://support.microsoft.com/
> > http://www.msmvps.com/bernard/
> >
> >
> > "Andy Wright" <A@bc.com> wrote in message
> > news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
> >> Hi,
> >>
> >> I have an IIS 6 application on Windows 2003 SP1 configured to use
> >> integrated authentication. It runs in an application pool that is
> >> configured with a specific user name and password.
> >>
> >> If I connect to the web site using IE 6 hosted on a machine running NT 4
> >> everything works fine. When I request a page from the web site, the
> >> following request is logged:
> >>
> >> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> >> LOCH_NESS\pplustester1 192.168.0.5
> >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
> >>
> >> However, if I log on as the same user (LOCH_NESS\pplustester1) on a
> >> machine running IE 6 hosted on Winndows XP, the system prompts me for
> >> user
> >> name and password credentials. After supplying the correct credentials I
> >> eventually get an HTTP 401.1 error. The request is logged at the server
> >> as:
> >>
> >> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
> >> 2 2148074254
> >>
> >> It seems that the user name authentication credentials aren't being
> >> passed
> >> on to the web server correctly.
> >>
> >> If I reconfigure the web site so that it runns in an application pool
> >> associated with the default Network Service identity then the request
> >> from
> >> the Windows XP machine works ok and is logged as:
> >>
> >> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> >> LOCH_NESS\Administrator 192.168.0.127
> >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
> >> 0 0
> >>
> >> Does anyone know if there are any settings that need to be configured for
> >> IE6 when running on XP to fix it so that the credentials are passed on
> >> correctly - or is there something more subtle that I'm missing?
> >>
> >> Thanks,
> >>
> >> Andy Wright
> >>
> >
> >
> >
>
>
>

"Matthew Emsley" <MatthewEms***@discussions.microsoft.com> wrote in message
news:BD5F6156-4BFF-4E7B-AB55-80D3C0B4BE60@microsoft.com...
:I think I'm experiencing the smae problem.  I have Win2003 with IIS6.  I
just
: installed SP1.
:
: My server is in a domain.  I'm running two websites through IIS6.
Anoymous
: access is OFF, and I'm using Integrated Windows authentication
:
: My server has a static IP address and the
: DNS name is: FLOWER.COMPANY.COM
: WINS name is: TLA-FLOWER
: I have aliased the website names on companies DNS server to my IP address
: Alias name 1: PETAL.COMPANY.COM
: Alias name 2: STEM.COMPANY.COM
:
: I have PETAL.COMPANY.COM as the default website.
:
: Before SPI if i connected to http://PETAL it did not ask for a username
and
: password (it was in the Local Intranet Zone).  After SP1 going to
: http://PETAL or http://FLOWER asks me for a username and password and the
: Domain username and password I use eventially result in a error 401.1.
If,
: however I use the WINS name: http://TLA-FLOWER I am not asked for the
: username and password and I am able to connect to the webpage again on the
: Local Intranet zone.
:
: All help is appreciated.
:
:
:
:
: "Andy Wright" wrote:
:
: > Thanks for the information David. The article that you provided the link
to
: > mentioned includes the following:
: >
: > ----------------
: > Forcing NTLM
: > In the following situations, Kerberos fails and you must force IIS to
use
: > NTLM authentication by setting the NTAuthenticationProviders metabase
: > property to NTLM.
: >
: > 1) When you isolate Web sites on a virtual directory level by
configuring
: > worker process identities as different domain accounts, Kerberos fails.
: >
: > 2) If you are using Integrated Windows authentication, are not using a
WINS
: > or DNS name for the server running IIS, and you want to use a local user
: > account or the LocalService account as a worker process identity,
Kerberos
: > authentication fails because Active Directory will not "trust" the
accounts.
: > --------------
: >
: > Because I had configured the application as in 1) above, Kerberos was
: > failing. When I set the NTAuthenticationProviders metabase property to
NTLM
: > the problem was fixed. This seems to work ok when set at the virtual
: > directory level and so needn't have an impact on other applications in
the
: > Web site.
: >
: > Do you know of any references that describe the likely consequences of
: > setting this metabase property for an application and any workrounds or
: > configuration options that are available for applications that need to
rely
: > on Kerberos features?
: >
: > I also tried setting the Application Pool Identity for the entire web
site
: > rather than at the Application/Virtual Directory level and that seems to
: > work ok even when Kerberos is enabled (NTAuthenticationProviders
metabase
: > property set to Negotiate,NTLM).
: >
: >
: > "David Wang [Msft]" <some***@online.microsoft.com> wrote in message
: > news:e5krHpmOFHA.2748@TK2MSFTNGP09.phx.gbl...
: > > Right now, your failure pattern it sounds a common misconfiguration
where
: > > you have:
: > > 1. a customized Application Pool Identity
: > > 2. Only Integrated authentication is enabled
: > > 3. the server is in a domain
: > >
: > >

: > >
: > >
: > >
: > >> If I reconfigure the web site so that it runns in an application
: > >> pool associated with the default Network Service identity
: > >> then the request from the Windows XP machine works
: > >> ok and is logged as:
: > >>
: > >> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm
: > >> - 80 LOCH_NESS\Administrator 192.168.0.127
: > >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: > >> 304 0 0
: > >
: > > This has login of LOCH_NESS\Administrator, which is not the same as
: > > "LOCH_NESS\pplustester1" which you said you were testing with. Either
you
: > > chose the wrong log entry or something else is running on the server
and
: > > interfering.
: > >
: > > --
: > > //David
: > > IIS
: > > http://blogs.msdn.com/David.Wang
: > > This posting is provided "AS IS" with no warranties, and confers no
: > > rights.
: > > //
: > > "Bernard" <qbern***@hotmail.com.discuss> wrote in message
: > > news:uvNtTSbOFHA.2136@TK2MSFTNGP14.phx.gbl...
: > > Mmm..
: > > 401.2 - Logon failed due to server configuration.
: > > what authentication method you using ?
: > > is the NT4 and XP pro machine located in the same subnet and browse
using
: > > the same URL ?
: > >
: > >>>
: > >> If I reconfigure the web site so that it runns in an application pool
: > >> associated with the default Network Service identity then the request
: > >> from
: > >> the Windows XP machine works ok and is logged as:
: > >
: > > what was the previous app pool identity ?
: > >
: > > --
: > > Regards,
: > > Bernard Cheah
: > > http://www.tryiis.com/
: > > http://support.microsoft.com/
: > > http://www.msmvps.com/bernard/
: > >
: > >
: > > "Andy Wright" <A@bc.com> wrote in message
: > > news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
: > >> Hi,
: > >>
: > >> I have an IIS 6 application on Windows 2003 SP1 configured to use
: > >> integrated authentication. It runs in an application pool that is
: > >> configured with a specific user name and password.
: > >>
: > >> If I connect to the web site using IE 6 hosted on a machine running
NT 4
: > >> everything works fine. When I request a page from the web site, the
: > >> following request is logged:
: > >>
: > >> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
: > >> LOCH_NESS\pplustester1 192.168.0.5
: > >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
: > >>
: > >> However, if I log on as the same user (LOCH_NESS\pplustester1) on a
: > >> machine running IE 6 hosted on Winndows XP, the system prompts me for
: > >> user
: > >> name and password credentials. After supplying the correct
credentials I
: > >> eventually get an HTTP 401.1 error. The request is logged at the
server
: > >> as:
: > >>
: > >> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 -

: > >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
401
: > >> 2 2148074254
: > >>
: > >> It seems that the user name authentication credentials aren't being
: > >> passed
: > >> on to the web server correctly.
: > >>
: > >> If I reconfigure the web site so that it runns in an application pool
: > >> associated with the default Network Service identity then the request
: > >> from
: > >> the Windows XP machine works ok and is logged as:
: > >>
: > >> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
: > >> LOCH_NESS\Administrator 192.168.0.127
: > >> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
304
: > >> 0 0
: > >>
: > >> Does anyone know if there are any settings that need to be configured
for
: > >> IE6 when running on XP to fix it so that the credentials are passed
on
: > >> correctly - or is there something more subtle that I'm missing?
: > >>
: > >> Thanks,
: > >>
: > >> Andy Wright
: > >>
: > >
: > >
: > >
: >
: >
: >

"David Wang [Msft]" wrote:

> Right now, your failure pattern it sounds a common misconfiguration where
> you have:
> 1. a customized Application Pool Identity
> 2. Only Integrated authentication is enabled
> 3. the server is in a domain
>
> http://64.233.187.104/search?q=cache:NIZib3_gx9sJ:www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/ca_cfgwrkridentity.asp&hl=en
>
>
>
> > If I reconfigure the web site so that it runns in an application
> > pool associated with the default Network Service identity
> > then the request from the Windows XP machine works
> > ok and is logged as:
> >
> > 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm
> > - 80 LOCH_NESS\Administrator 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
> > 304 0 0
>
> This has login of LOCH_NESS\Administrator, which is not the same as
> "LOCH_NESS\pplustester1" which you said you were testing with. Either you
> chose the wrong log entry or something else is running on the server and
> interfering.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
> "Bernard" <qbern***@hotmail.com.discuss> wrote in message
> news:uvNtTSbOFHA.2136@TK2MSFTNGP14.phx.gbl...
> Mmm..
> 401.2 - Logon failed due to server configuration.
> what authentication method you using ?
> is the NT4 and XP pro machine located in the same subnet and browse using
> the same URL ?
>
> >>
> > If I reconfigure the web site so that it runns in an application pool
> > associated with the default Network Service identity then the request from
> > the Windows XP machine works ok and is logged as:
>
> what was the previous app pool identity ?
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
> "Andy Wright" <A@bc.com> wrote in message
> news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
> > Hi,
> >
> > I have an IIS 6 application on Windows 2003 SP1 configured to use
> > integrated authentication. It runs in an application pool that is
> > configured with a specific user name and password.
> >
> > If I connect to the web site using IE 6 hosted on a machine running NT 4
> > everything works fine. When I request a page from the web site, the
> > following request is logged:
> >
> > 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> > LOCH_NESS\pplustester1 192.168.0.5
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
> >
> > However, if I log on as the same user (LOCH_NESS\pplustester1) on a
> > machine running IE 6 hosted on Winndows XP, the system prompts me for user
> > name and password credentials. After supplying the correct credentials I
> > eventually get an HTTP 401.1 error. The request is logged at the server
> > as:
> >
> > 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
> > 2 2148074254
> >
> > It seems that the user name authentication credentials aren't being passed
> > on to the web server correctly.
> >
> > If I reconfigure the web site so that it runns in an application pool
> > associated with the default Network Service identity then the request from
> > the Windows XP machine works ok and is logged as:
> >
> > 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> > LOCH_NESS\Administrator 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
> > 0 0
> >
> > Does anyone know if there are any settings that need to be configured for
> > IE6 when running on XP to fix it so that the credentials are passed on
> > correctly - or is there something more subtle that I'm missing?
> >
> > Thanks,
> >
> > Andy Wright
> >
>
>
>
>

"David Wang [Msft]" wrote:

> Right now, your failure pattern it sounds a common misconfiguration where
> you have:
> 1. a customized Application Pool Identity
> 2. Only Integrated authentication is enabled
> 3. the server is in a domain
>
> http://64.233.187.104/search?q=cache:NIZib3_gx9sJ:www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/ca_cfgwrkridentity.asp&hl=en
>
>
>
> > If I reconfigure the web site so that it runns in an application
> > pool associated with the default Network Service identity
> > then the request from the Windows XP machine works
> > ok and is logged as:
> >
> > 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm
> > - 80 LOCH_NESS\Administrator 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
> > 304 0 0
>
> This has login of LOCH_NESS\Administrator, which is not the same as
> "LOCH_NESS\pplustester1" which you said you were testing with. Either you
> chose the wrong log entry or something else is running on the server and
> interfering.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
> "Bernard" <qbern***@hotmail.com.discuss> wrote in message
> news:uvNtTSbOFHA.2136@TK2MSFTNGP14.phx.gbl...
> Mmm..
> 401.2 - Logon failed due to server configuration.
> what authentication method you using ?
> is the NT4 and XP pro machine located in the same subnet and browse using
> the same URL ?
>
> >>
> > If I reconfigure the web site so that it runns in an application pool
> > associated with the default Network Service identity then the request from
> > the Windows XP machine works ok and is logged as:
>
> what was the previous app pool identity ?
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
> "Andy Wright" <A@bc.com> wrote in message
> news:uKExrnPOFHA.3960@TK2MSFTNGP12.phx.gbl...
> > Hi,
> >
> > I have an IIS 6 application on Windows 2003 SP1 configured to use
> > integrated authentication. It runs in an application pool that is
> > configured with a specific user name and password.
> >
> > If I connect to the web site using IE 6 hosted on a machine running NT 4
> > everything works fine. When I request a page from the web site, the
> > following request is logged:
> >
> > 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> > LOCH_NESS\pplustester1 192.168.0.5
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
> >
> > However, if I log on as the same user (LOCH_NESS\pplustester1) on a
> > machine running IE 6 hosted on Winndows XP, the system prompts me for user
> > name and password credentials. After supplying the correct credentials I
> > eventually get an HTTP 401.1 error. The request is logged at the server
> > as:
> >
> > 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401
> > 2 2148074254
> >
> > It seems that the user name authentication credentials aren't being passed
> > on to the web server correctly.
> >
> > If I reconfigure the web site so that it runns in an application pool
> > associated with the default Network Service identity then the request from
> > the Windows XP machine works ok and is logged as:
> >
> > 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> > LOCH_NESS\Administrator 192.168.0.127
> > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304
> > 0 0
> >
> > Does anyone know if there are any settings that need to be configured for
> > IE6 when running on XP to fix it so that the credentials are passed on
> > correctly - or is there something more subtle that I'm missing?
> >
> > Thanks,
> >
> > Andy Wright
> >
>
>
>
>

"Andy Wright" wrote:

> Hi,
>
> I have an IIS 6 application on Windows 2003 SP1 configured to use integrated
> authentication. It runs in an application pool that is configured with a
> specific user name and password.
>
> If I connect to the web site using IE 6 hosted on a machine running NT 4
> everything works fine. When I request a page from the web site, the
> following request is logged:
>
> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\pplustester1 192.168.0.5
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
>
> However, if I log on as the same user (LOCH_NESS\pplustester1) on a machine
> running IE 6 hosted on Winndows XP, the system prompts me for user name and
> password credentials. After supplying the correct credentials I eventually
> get an HTTP 401.1 error. The request is logged at the server as:
>
> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401 2
> 2148074254
>
> It seems that the user name authentication credentials aren't being passed
> on to the web server correctly.
>
> If I reconfigure the web site so that it runns in an application pool
> associated with the default Network Service identity then the request from
> the Windows XP machine works ok and is logged as:
>
> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\Administrator 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304 0
> 0
>
> Does anyone know if there are any settings that need to be configured for
> IE6 when running on XP to fix it so that the credentials are passed on
> correctly - or is there something more subtle that I'm missing?
>
> Thanks,
>
> Andy Wright
>
>
>