|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Digest authenticationI created virtual directory on my development server and specified Digest
authentication. I got error message "HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials". Digest authentication works on my production server without any problems. My configuration is IIS 6, MS Windows Server 2003 (no service packs). Hi Dmitri,
Digest authentication will require the Active Directory support. This means that we can only use the domain account to logon into the site and the IIS server should be deployed into one domain. IIS will need to authenticate the domain account from the domain controller of the active directory; there is no need to configure the IIS server to DC. So for the scenario, if the develpoment server hasn't been added into the domain, the digest authentication method can't validate the domain account and 401.1 will be sent back to the client. Furthermore, if there is no one domain available at the development environment, I'd suggest you can use the Integrated Windows authentication so that the accounts at the IIS server can be used for the logon. Please feel free to let me know if you have any question. My pleasure to be of any assistance. Best Regards, Wei-Dong XU Microsoft Product Support Services This posting is provided "AS IS" with no warranties, and confers no rights. My development server is in the same domain in our company's Active
Directory as production server. I'm use the same user name and password for Digest authentication on both server. And it works on production but not on development. Unfortunately Integrated Windows authentication is not an option in my case. I'm developing web service that should be available from outside of company's firewall. Interesting point is that basic and integrated windows authentication works on both servers. In the http://www.iis-resources.com/modules/newbb/viewtopic.php?topic_id=3365&forum=5 discuses similar (but not exactly the same) problem. Thanks, Dmitri Show quoteHide quote "Wei-Dong XU [MSFT]" <v-w***@online.microsoft.com> wrote in message news:QroKaRFUFHA.2184@TK2MSFTNGXA01.phx.gbl... > Hi Dmitri, > > Digest authentication will require the Active Directory support. This means > that we can only use the domain account to logon into the site and the IIS > server should be deployed into one domain. IIS will need to authenticate > the domain account from the domain controller of the active directory; > there is no need to configure the IIS server to DC. > > So for the scenario, if the develpoment server hasn't been added into the > domain, the digest authentication method can't validate the domain account > and 401.1 will be sent back to the client. Furthermore, if there is no one > domain available at the development environment, I'd suggest you can use > the Integrated Windows authentication so that the accounts at the IIS > server can be used for the logon. > > Please feel free to let me know if you have any question. My pleasure to be > of any assistance. > > Best Regards, > Wei-Dong XU > Microsoft Product Support Services > This posting is provided "AS IS" with no warranties, and confers no rights. > > Ok. It fixed now. It was some error on the domain controller.
Thanks, Dmitri Show quoteHide quote "Dmitri Kouminov" <kouminovd@nospam.nospam> wrote in message http://www.iis-resources.com/modules/newbb/viewtopic.php?topic_id=3365&forum=5news:OwsZJiLUFHA.3584@TK2MSFTNGP14.phx.gbl... > My development server is in the same domain in our company's Active > Directory as production server. I'm use the same user name and password for > Digest authentication on both server. And it works on production but not on > development. > Unfortunately Integrated Windows authentication is not an option in my case. > I'm developing web service that should be available from outside of > company's firewall. Interesting point is that basic and integrated windows > authentication works on both servers. > In the > Show quoteHide quote > discuses similar (but not exactly the same) problem. > Thanks, > Dmitri > > "Wei-Dong XU [MSFT]" <v-w***@online.microsoft.com> wrote in message > news:QroKaRFUFHA.2184@TK2MSFTNGXA01.phx.gbl... > > Hi Dmitri, > > > > Digest authentication will require the Active Directory support. This > means > > that we can only use the domain account to logon into the site and the IIS > > server should be deployed into one domain. IIS will need to authenticate > > the domain account from the domain controller of the active directory; > > there is no need to configure the IIS server to DC. > > > > So for the scenario, if the develpoment server hasn't been added into the > > domain, the digest authentication method can't validate the domain account > > and 401.1 will be sent back to the client. Furthermore, if there is no one > > domain available at the development environment, I'd suggest you can use > > the Integrated Windows authentication so that the accounts at the IIS > > server can be used for the logon. > > > > Please feel free to let me know if you have any question. My pleasure to > be > > of any assistance. > > > > Best Regards, > > Wei-Dong XU > > Microsoft Product Support Services > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > > > > Very glad to hear the issue is resolved! You are very welcome!
Best Regards, Wei-Dong XU Microsoft Product Support Services This posting is provided "AS IS" with no warranties, and confers no rights. 
Other interesting topics
IIS6 ASP Crystal DLL
Digest access to UNC share IIS 5.0 - Create Server Certificate Wizard Client Permissions required for Integrated Authentication? Unable to set up client certificate, error 403.7 why request for cmd.exe had passed UrlScan.dll? Why rename the IUSR account? Guest book created through Frontpage Selfssl.exe for multiple vhosts Switching from Integrated Authentication to Anonymous |
|||||||||||||||||||||||
