IIS Server Security - RE: IIS 6 Integrated Authentication and IE 6 - security credentials se

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > May 2005 > RE: IIS 6 Integrated Authentication and IE 6 - security credentials se





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author RE: IIS 6 Integrated Authentication and IE 6 - security credentials se
jaxdagger

2005-05-18, 6:03 pm

Another area to consider is the IE security zones. The internet security
zone allows only basic authentication where local intranet and trusted zones
allow for NTLM and Kerberos authentication. Try dropping the site URLs into
these zones to see if this resolves the problem.

"Andy Wright" wrote:

> Hi,
>
> I have an IIS 6 application on Windows 2003 SP1 configured to use integrated
> authentication. It runs in an application pool that is configured with a
> specific user name and password.
>
> If I connect to the web site using IE 6 hosted on a machine running NT 4
> everything works fine. When I request a page from the web site, the
> following request is logged:
>
> 2005-04-04 09:00:57 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\pplustester1 192.168.0.5
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+4.0) 200 0 0
>
> However, if I log on as the same user (LOCH_NESS\pplustester1) on a machine
> running IE 6 hosted on Winndows XP, the system prompts me for user name and
> password credentials. After supplying the correct credentials I eventually
> get an HTTP 401.1 error. The request is logged at the server as:
>
> 2005-04-04 07:59:28 192.168.0.100 GET /test/test.htm - 80 - 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 401 2
> 2148074254
>
> It seems that the user name authentication credentials aren't being passed
> on to the web server correctly.
>
> If I reconfigure the web site so that it runns in an application pool
> associated with the default Network Service identity then the request from
> the Windows XP machine works ok and is logged as:
>
> 2005-04-04 09:29:17 192.168.0.100 GET /test/test.htm - 80
> LOCH_NESS\Administrator 192.168.0.127
> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322) 304 0
> 0
>
> Does anyone know if there are any settings that need to be configured for
> IE6 when running on XP to fix it so that the credentials are passed on
> correctly - or is there something more subtle that I'm missing?
>
> Thanks,
>
> Andy Wright
>
>
>
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com