|
Home > Archive > IIS Server Security > June 2005 > IIS6 and Pass-Through Authentication
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS6 and Pass-Through Authentication
|
|
| Arkane 2005-06-15, 6:10 pm |
| We have a Windows 2003 DC (Active Directory) and an IIS6 Webserver to host
our intranet.
We have 3 forests, however we would like all users in DOMAIN_A to simply
'pass' their credentials to IIS6 without having to type them, so they can get
to restricted areas of the site without the need for manual authentication.
Any other users from either DOMAIN_B or DOMAIN_C should be required to
authenticate, of course it should only accept usernames/passwords from
DOMAIN_A.
How would I achieve this? I've tried creating a virtual directory and
setting it's security to be 'Integrated Windows Security' and have also tried
'Basic Authentication' but both require I authenticate manually, am I doing
something wrong? Am I missing out an extra step somewhere?
Any thoughts or ideas are appreciated.
| |
| Tom Kaminski [MVP] 2005-06-15, 6:10 pm |
| 5270788EAA19@microsoft.com...
> We have a Windows 2003 DC (Active Directory) and an IIS6 Webserver to host
> our intranet.
>
> We have 3 forests, however we would like all users in DOMAIN_A to simply
> 'pass' their credentials to IIS6 without having to type them, so they can
> get
> to restricted areas of the site without the need for manual
> authentication.
> Any other users from either DOMAIN_B or DOMAIN_C should be required to
> authenticate, of course it should only accept usernames/passwords from
> DOMAIN_A.
>
> How would I achieve this? I've tried creating a virtual directory and
> setting it's security to be 'Integrated Windows Security' and have also
> tried
> 'Basic Authentication' but both require I authenticate manually, am I
> doing
> something wrong? Am I missing out an extra step somewhere?
>
> Any thoughts or ideas are appreciated.
This is not pass through authentication - that's something altogther
different. In order to get IE to pass the credentials in the background for
Windows Integrated authentication, IE needs to recognize you FQDN as part of
the intranet.
http://support.microsoft.com/?id=258063
--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsser...ty/centers/iis/
http://mvp.support.microsoft.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
"Arkane" <Arkane@discussions.microsoft.com> wrote in message
news:6778635E-9972-471B-8711-
|
|
|
|
|