|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Authentication with IEHere is my setup: IIS 6 on Windows 2003 member server
-IIS Server called serverA.foo.com - I have a virtual directory to a webpage I have setup authentication on the web page to 'Integrated Windows Authentication' and 'Basic authentication'. - default domain: foo.com - Realm: foo.com I want the users to authenticate against foo.com, not against serverA.foo.com. If I browser to the page with Firefox or Mozilla the user enters the username and password and they are authenticated to foo.com with no problems. If I browse to the page with IE and enter a username and password, it will fail and in the username box show 'serverA.foo.com/username'; I am assuming it is authenticating locally. If I enter foo.com/username and password it works fine. But I want my server to automatically authenticate to foo.com with IE also. Any help or suggestions would be much appreciated David wrote:
Show quoteHide quote > Here is my setup: IIS 6 on Windows 2003 member server Firefox and Mozilla don't authenticate automatically with IWA / NTLM > -IIS Server called serverA.foo.com > - I have a virtual directory to a webpage > I have setup authentication on the web page to 'Integrated Windows > Authentication' and 'Basic authentication'. > - default domain: foo.com > - Realm: foo.com > > I want the users to authenticate against foo.com, not against serverA.foo.com. > If I browser to the page with Firefox or Mozilla the user enters the > username and password and they are authenticated to foo.com with no problems. > > If I browse to the page with IE and enter a username and password, it will > fail and in the username box show 'serverA.foo.com/username'; I am assuming > it is authenticating locally. If I enter foo.com/username and password it > works fine. But I want my server to automatically authenticate to foo.com > with IE also. Any help or suggestions would be much appreciated unless an extra entry is made in the config file. I think if you turn off basic authentication you won't be asked for a username/password in IE, but FF/Moz will still ask for one. > Firefox and Mozilla don't authenticate automatically with IWA / NTLM Yes I think you need the site added to the Mozilla config entry:> unless an extra entry is made in the config file. I think if you turn > off basic authentication you won't be asked for a username/password in > IE, but FF/Moz will still ask for one. 'network.automatic-ntlm-auth.trusted-uris' Mozilla will then automatically authenticate. Regards Darren I am not sure I was clear with my question. I want the authentication box
when a user goes to a restricted site (example. The directory ntfs permissions prompts for authenticaton). But what is happening under IE, is that when you enther the username and password it tries to authenticate locally to the server instead of the domain. Does that make more sense? Show quoteHide quote "SchoolTech" wrote: > David wrote: > > Here is my setup: IIS 6 on Windows 2003 member server > > -IIS Server called serverA.foo.com > > - I have a virtual directory to a webpage > > I have setup authentication on the web page to 'Integrated Windows > > Authentication' and 'Basic authentication'. > > - default domain: foo.com > > - Realm: foo.com > > > > I want the users to authenticate against foo.com, not against serverA.foo.com. > > If I browser to the page with Firefox or Mozilla the user enters the > > username and password and they are authenticated to foo.com with no problems. > > > > If I browse to the page with IE and enter a username and password, it will > > fail and in the username box show 'serverA.foo.com/username'; I am assuming > > it is authenticating locally. If I enter foo.com/username and password it > > works fine. But I want my server to automatically authenticate to foo.com > > with IE also. Any help or suggestions would be much appreciated > > Firefox and Mozilla don't authenticate automatically with IWA / NTLM > unless an extra entry is made in the config file. I think if you turn > off basic authentication you won't be asked for a username/password in > IE, but FF/Moz will still ask for one. > > > To further this explanation (because I have experienced the same issue)
When I am prompted to log into the site, I enter my username and password. It then returns back with the local server as the prefix as opposed to the Default Domain name entered. I.E. Site name is www.mysite.com Domain name is MyDomain If I just enter: username password I am not authenticated and the dialogue then repopulates the username name field as such: www.mysite.com\username Where the desired behavior is that it will automatically check the Default Domain specified within IIS: MyDomain\username or usern***@MyDomain.com Why are we required to specify the Domain when we login when it is already specified in IIS? One assumption I have is that this is an IE security setting. Thanks. Show quoteHide quote "David" <Da***@discussions.microsoft.com> wrote in message news:65D5FB15-F963-42E8-89CA-5200595185B6@microsoft.com... >I am not sure I was clear with my question. I want the authentication box > when a user goes to a restricted site (example. The directory ntfs > permissions prompts for authenticaton). But what is happening under IE, is > that when you enther the username and password it tries to authenticate > locally to the server instead of the domain. Does that make more sense? > > "SchoolTech" wrote: > >> David wrote: >> > Here is my setup: IIS 6 on Windows 2003 member server >> > -IIS Server called serverA.foo.com >> > - I have a virtual directory to a webpage >> > I have setup authentication on the web page to 'Integrated Windows >> > Authentication' and 'Basic authentication'. >> > - default domain: foo.com >> > - Realm: foo.com >> > >> > I want the users to authenticate against foo.com, not against >> > serverA.foo.com. >> > If I browser to the page with Firefox or Mozilla the user enters the >> > username and password and they are authenticated to foo.com with no >> > problems. >> > >> > If I browse to the page with IE and enter a username and password, it >> > will >> > fail and in the username box show 'serverA.foo.com/username'; I am >> > assuming >> > it is authenticating locally. If I enter foo.com/username and password >> > it >> > works fine. But I want my server to automatically authenticate to >> > foo.com >> > with IE also. Any help or suggestions would be much appreciated >> >> Firefox and Mozilla don't authenticate automatically with IWA / NTLM >> unless an extra entry is made in the config file. I think if you turn >> off basic authentication you won't be asked for a username/password in >> IE, but FF/Moz will still ask for one. >> >> >> 
Other interesting topics
keep IIS in RAM
IIS 7 default setting Post Image Data to Server from embedded user control in IE IE prompts for a password when using anonymous authentication Web services difficulties Basic authentication against automated attacks List of all SSL pages NT Authentication - 2nd challenge/response HTTP to HTTPS specified request cannot...from current Application IIS 5 belonging to domain? |
|||||||||||||||||||||||
