|
Home > Archive > IIS Server Security > November 2005 > Server 2k3 SP1 Won't do a intergrated authentication
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Server 2k3 SP1 Won't do a intergrated authentication
|
|
| Lokiarmos 2005-11-08, 6:28 pm |
| I have a server 2k3 with SP1 and latest patches connected to my domain.
The problem that i am having is that one of my website will not authenticate
my user. I have set the authenication level to Intergrated Windows
authentication but it won't accept my user name or password.
i was looking up the problem and found a reference in the metadata base to
a NTAuthenticationProviders metatag.
Now i went and had a look at my metabase for my exchange server and found
stacks of references to this tag but on the server i am having problems with,
none.
Does this mean my metadata base is stuffed or incorrectly built. i installed
IIS before i patched the server to SP1.
Is there a tool or method to fix this.
| |
| Lokiarmos 2005-11-08, 6:28 pm |
| A little clarification here:
Under the header Atama the site will automatically authenicate. not a problem.
Under the header HelpDesk.knox.vic.edu.au the page displays a 401.2 error
Under the header HelpDesk the page displays fine.
I have placed the header HelpDesk.knox.vic.edu.au in the intranet zone. and
had it not in the intranet zone and the error is the same.
but on the actual server i can not get it to display at all, it keeps asking
for a user name and password no matter what header i use.
The problem lies i need to be able to use the header
Helpdesk.knox.vic.edu.au becuase otherwise i have to use a wins server or set
the name in the host file. And becuase it will be use in house across a large
number of computers editing the host file would be to long and our current
wins server will be going out the window soon.
| |
| David Wang [Msft] 2005-11-08, 6:28 pm |
| http://blogs.msdn.com/david.wang/ar...ess_Denied.aspx
401.2 means that the client did not use an authentication protocol supported
by the server.
You said it worked with other host headers, just not the dotted one. That
suggests that the problem is client-side.
No idea what you mean with Hosts file and WINS. Your error suggests that the
client and server actually communicated with each other (so IP-resolution is
not an issue).
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Lokiarmos" <2198234981234810834@Localhost> wrote in message
news:A6A27EDB-79CD-42D8-BFC2-1F7DCC6B94FF@microsoft.com...
A little clarification here:
Under the header Atama the site will automatically authenicate. not a
problem.
Under the header HelpDesk.knox.vic.edu.au the page displays a 401.2 error
Under the header HelpDesk the page displays fine.
I have placed the header HelpDesk.knox.vic.edu.au in the intranet zone. and
had it not in the intranet zone and the error is the same.
but on the actual server i can not get it to display at all, it keeps asking
for a user name and password no matter what header i use.
The problem lies i need to be able to use the header
Helpdesk.knox.vic.edu.au becuase otherwise i have to use a wins server or
set
the name in the host file. And becuase it will be use in house across a
large
number of computers editing the host file would be to long and our current
wins server will be going out the window soon.
| |
| Lokiarmos 2005-11-08, 7:30 pm |
| I downloaded the microsoft Auth Diagnostics 1.0 tools and run it on my site.
It found that my site had no authtype tags in the metabase.
So it was configured for intergrated authentication but they where no tags
telling it to use it.
so i went looking and found a page that told me how to use a script to apply
the authentication tags in manually.
once i had done that, deleted old website, deleted the old apppool that i
made for the site and then recreated both it worked like a charm.
"David Wang [Msft]" wrote:
> http://blogs.msdn.com/david.wang/ar...ess_Denied.aspx
>
> 401.2 means that the client did not use an authentication protocol supported
> by the server.
>
> You said it worked with other host headers, just not the dotted one. That
> suggests that the problem is client-side.
>
> No idea what you mean with Hosts file and WINS. Your error suggests that the
> client and server actually communicated with each other (so IP-resolution is
> not an issue).
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
|
|
|
|
|