IIS Server Security - Integrated Windows Auth Problem

Author

Integrated Windows Auth Problem

2004-08-23, 8:01 am

No proxy.
Here's the scenario:

Server is running Win2k3 Standard Edition and IIS6. It's
located on the 10.25.99 subnet

Client detached from any domain running Windows Server
2003 and IE6.0.3790 can authenticate using a x Domain
profile. It's located on the 10.57.192 subnet

Client joined to x domain running Windows 2000 Server
Enterprise Edition and IE6.0.2800 can't authenticate
using a x domain profile. It's located on the 10.25.107
subnet

Both browsers have enable integrated windows
authentication checked

Any ideas?

>-----Original Message-----
>500 is "internal server error"
>
>However, it seems your browser is displaying something
else *not* an IIS
>message. Do you have a proxy server between the client
and IIS box that
>might be "changing" the message that is coming back from
IIS?
>
>Cheers
>Ken
>
>
>"Stuart Grover" <Stuart.Grover@eds.com> wrote in message
>news:afb701c488ce$a3c9fa20$a401280a@phx.gbl...
against[vbcol=seagreen]
in[vbcol=seagreen]
>
>
>.
>

WenJun Zhang[msft]

2004-08-23, 8:01 am

Hi,

500 is server application error instead of an authentication
error(401.x). Please uncheck "Show HTTP friendly error message" in IE
internet options->Advanced to see if there is any more detailed error
reported.

Also, since you want to use NTLM, please uncheck "enable integrated
windows authentication" option. It will cause IE choose Kerberos auth
instead of NTLM.

Best regards,

WenJun Zhang
Microsoft Online Support
This posting is provided "AS IS" with no warranties, and confers no
rights.
Get Secure! - www.microsoft.com/security

WenJun Zhang[msft]

2004-08-25, 4:21 am

Hi,

Just want to check if you've got any findings or progress on this
issue?

Best regards,

WenJun Zhang
Microsoft Online Support
This posting is provided "AS IS" with no warranties, and confers no
rights.
Get Secure! - www.microsoft.com/security