|
Home > Archive > IIS Server Security > June 2004 > authentication varies based on web address
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
authentication varies based on web address
|
|
| Dushan Bilbija 2004-06-20, 11:48 pm |
| ok, this is weird (and annoying)
i changed the deault document in the default web site... and now my
authentication is all screwed up. changing it back didn't help.
when browsing from the server itself
- if i type in localhost, i'm ok
- if i type in the machine name, i'm ok
- if i type in the dns name (coolname.mydomain.com), i get the user login
screen (username, pwd and domain). if i click "ok" with NOTHING ENTERED, it
passes me through. after that, every page requires me to reclick the blank
login screen. plus, this directory is enabled for anonymous access... so
what's the dealy-o?
when browing from a machine in our domain
- if i type in the machine name, i'm ok
- if i type in the dns name (coolname.mydomain.com), i get the user login
screen. if i click "ok" with NOTHING ENTERED, it passes me through. after
that, every page requires me to reclick the blank login screen.
when browsing from a machine in another domain
- if i type in the machine name, i'm ok
- if i type in the dns name (coolname.mydomain.com), i get the user login
screen. THIS ONE WORKS, THOUGH. it's not the 3 text box login screen
(username, pwd, domain), it's the 2 text box login screen (username, pwd).
if i click ok with nothing entered, it fails... as it should. if i type in
my login (mydomain\me), it works... as it should
ummm... what the?
i would have been better off uninstalling iis completely, deleting the
directories and reinstalling it... i've spent 3 hours on this already.
any help would be greatly appreciated.
dushan bilbija
| |
| Ken Schaefer 2004-06-26, 10:16 am |
| Hi,
Anonymous Authentication is configured for this website? Is that correct?
If so, and IIS is sending back HTTP 401 headers, then it may be having a
problem impersonating the configured anonymous user account.
If you enable Logon Auditing failure, do you see anything in the Windows
Event logs?
Cheers
Ken
"Dushan Bilbija" <dbilbija@msn.com> wrote in message
news:enRn3I0VEHA.1356@TK2MSFTNGP09.phx.gbl...
: ok, this is weird (and annoying)
:
: i changed the deault document in the default web site... and now my
: authentication is all screwed up. changing it back didn't help.
:
: when browsing from the server itself
:
: - if i type in localhost, i'm ok
: - if i type in the machine name, i'm ok
: - if i type in the dns name (coolname.mydomain.com), i get the user login
: screen (username, pwd and domain). if i click "ok" with NOTHING ENTERED,
it
: passes me through. after that, every page requires me to reclick the blank
: login screen. plus, this directory is enabled for anonymous access... so
: what's the dealy-o?
:
: when browing from a machine in our domain
: - if i type in the machine name, i'm ok
: - if i type in the dns name (coolname.mydomain.com), i get the user login
: screen. if i click "ok" with NOTHING ENTERED, it passes me through. after
: that, every page requires me to reclick the blank login screen.
:
: when browsing from a machine in another domain
: - if i type in the machine name, i'm ok
: - if i type in the dns name (coolname.mydomain.com), i get the user login
: screen. THIS ONE WORKS, THOUGH. it's not the 3 text box login screen
: (username, pwd, domain), it's the 2 text box login screen (username, pwd).
: if i click ok with nothing entered, it fails... as it should. if i type in
: my login (mydomain\me), it works... as it should
:
: ummm... what the?
:
: i would have been better off uninstalling iis completely, deleting the
: directories and reinstalling it... i've spent 3 hours on this already.
:
: any help would be greatly appreciated.
:
: dushan bilbija
:
:
| |
| Yogita Manghnani [MSFT] 2004-06-26, 10:16 am |
| Hello Dushan,
Also check to see if the following articles apply in your case:
http://support.microsoft.com/defaul...kb;en-us;303650
http://support.microsoft.com/defaul...kb;en-us;258063
....though this should have nothing to do with changing the default
document. It could be possible that after you changed the default document,
you were prompted with a dialog which asked if you wanted a particular
property (not the default document) to be reset on all child
objects.....and you accidentally clicked ok? This happens sometimes and
unless you read the message completely, you may end up changing a different
property unintentionally.
Based on what authentication method you want to use on this site, make sure
only that method is checked in the site properties-> Directory security->
Anonymous access and authentication control. If Anonymous is what you want
to use, then instead of a prompt, you should now see an error in the
browser (be sure to turn off friendly error messages in the browser: IE->
Tools-> Internet options-> Advanced-> uncheck Show friendly http error
message, reopen the browser). If Integrated authentication is what you want
to enable on the site, check the IIS logs after receiving the prompt to see
what the error code is.
Thanks,
Yogita Manghnani
Microsoft Developer Support
Internet Information Server
****************************************
*****************************[vbcol=seag
reen]
account name for newsgroup participation only.<<
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
© 2003 Microsoft Corporation. All rights reserved.
****************************************
*****************************
|
|
|
|
|