|
Home > Archive > IIS Server Security > November 2004 > Integrated Windows authentication - off site
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Integrated Windows authentication - off site
|
|
| Remi O 2004-11-19, 5:51 pm |
| I've set up IIS on a Windows 2003 server to use Integrated Windows
authentication. This works the way I expect it to on site - users who
are logged into our domain can reach the website no problem.
What I'm having an issue with (of sorts) is users off site. Using IE6
they are forced to log in using domainname\username and password - in
other browsers like Firefox they can just type in username and
password, without the domain name.
I guess my question is; are there any settings in IIS that could let
the users log on using IE6 without typing in the domainname\ part? Or
is that more of an IE question?
I know typing in the "domainname\" part sounds like a minute detail,
but some users logging onto out intranet from home will likely not
remember/understand that part of the login process.
Any help would be appreciated.
Thanks,
Remi
| |
| Miha Pihler 2004-11-20, 2:53 am |
| Hi Remi,
This would be possible if you (also) selected Basic Authentication and
selected "Default Domain". Now you would also have to configure SSL to
protect the data (username and password) exchanged between client and
computer.
Mike
"Remi O" <remster@gmail.com> wrote in message
news:c6c2ae59.0411191337.59c8ecd9@posting.google.com...
> I've set up IIS on a Windows 2003 server to use Integrated Windows
> authentication. This works the way I expect it to on site - users who
> are logged into our domain can reach the website no problem.
>
> What I'm having an issue with (of sorts) is users off site. Using IE6
> they are forced to log in using domainname\username and password - in
> other browsers like Firefox they can just type in username and
> password, without the domain name.
>
> I guess my question is; are there any settings in IIS that could let
> the users log on using IE6 without typing in the domainname\ part? Or
> is that more of an IE question?
>
> I know typing in the "domainname\" part sounds like a minute detail,
> but some users logging onto out intranet from home will likely not
> remember/understand that part of the login process.
>
> Any help would be appreciated.
>
> Thanks,
> Remi
| |
| Bernard 2004-11-22, 2:47 am |
| Mm.. this is interesting, I wonder how firefox know about the 'domain'
detail.
Anyway, you defaultdomain is not configured for IWA method, only basic auth
support this.
Also, if you have another domain for auth. how would you do it with firefox
?
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Remi O" <remster@gmail.com> wrote in message
news:c6c2ae59.0411191337.59c8ecd9@posting.google.com...
> I've set up IIS on a Windows 2003 server to use Integrated Windows
> authentication. This works the way I expect it to on site - users who
> are logged into our domain can reach the website no problem.
>
> What I'm having an issue with (of sorts) is users off site. Using IE6
> they are forced to log in using domainname\username and password - in
> other browsers like Firefox they can just type in username and
> password, without the domain name.
>
> I guess my question is; are there any settings in IIS that could let
> the users log on using IE6 without typing in the domainname\ part? Or
> is that more of an IE question?
>
> I know typing in the "domainname\" part sounds like a minute detail,
> but some users logging onto out intranet from home will likely not
> remember/understand that part of the login process.
>
> Any help would be appreciated.
>
> Thanks,
> Remi
| |
| Jeff Cochran 2004-11-22, 2:47 am |
| I've been told the latest version of Firefox will pass credentials for
Windows Authentication as IE does. Haven't tried it though.
Jeff
On Mon, 22 Nov 2004 12:17:25 +0800, "Bernard"
<qbernard@hotmail.com.discuss> wrote:
>Mm.. this is interesting, I wonder how firefox know about the 'domain'
>detail.
>Anyway, you defaultdomain is not configured for IWA method, only basic auth
>support this.
>
>Also, if you have another domain for auth. how would you do it with firefox
>?
>
>--
>Regards,
>Bernard Cheah
>http://www.tryiis.com/
>http://support.microsoft.com/
>http://www.msmvps.com/bernard/
>
>
>
>"Remi O" <remster@gmail.com> wrote in message
>news:c6c2ae59.0411191337.59c8ecd9@posting.google.com...
>
| |
| Bernard 2004-11-22, 2:47 am |
| Yes, I'm aware  just like to know more about the version.
also, what if there's few domain ? or resource domain and account domain is
not the same ? do we specify domainname\username also ?
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"Jeff Cochran" <jeff.nospam@zina.com> wrote in message
news:41aa7dd2.2023081707@msnews.microsoft.com...
> I've been told the latest version of Firefox will pass credentials for
> Windows Authentication as IE does. Haven't tried it though.
>
> Jeff
>
>
> On Mon, 22 Nov 2004 12:17:25 +0800, "Bernard"
> <qbernard@hotmail.com.discuss> wrote:
>
auth[vbcol=seagreen]
firefox[vbcol=seagreen]
>
|
|
|
|
|