IIS Server Security - Integrated Authentication, Auto Logon, and off the network

Author

Integrated Authentication, Auto Logon, and off the network

jdbutler72@gmail.com

2007-05-09, 1:21 pm

Is there a way to let IE clients auto logon when connected to an
Active Directory network and get prompted to logon when connected over
the Internet to the same site with SSL? If so what are the settings
needed on the IIS side and IE side? I get the IE error page that the
site cannot be found when trying over the Internet. The site is in the
Local Intranet Zone. If I put the site in the Trusted Zone I get
prompted over the Internet but also when connected to the network.

Ken Schaefer

2007-05-10, 1:19 am

Hi,

http://support.microsoft.com/?id=258063 shows the logic that IE uses when
determining whether to attempt an auto-logon or not.

To meet your requirements, you are going to need the site accessible by two
hostnames - one in the Intranet security zone, and one that's not (e.g.
http://sitename and http://www.sitename.com).

If you want both to be accessed via SSL, then you need to create two
websites in IIS and install a certificate into each one or create a
certificate that has multiple cn in it - one for each hostname.

Cheers
Ken

--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken

<jdbutler72@gmail.com> wrote in message
news:1178713742.477658.276970@o5g2000hsb.googlegroups.com...
> Is there a way to let IE clients auto logon when connected to an
> Active Directory network and get prompted to logon when connected over
> the Internet to the same site with SSL? If so what are the settings
> needed on the IIS side and IE side? I get the IE error page that the
> site cannot be found when trying over the Internet. The site is in the
> Local Intranet Zone. If I put the site in the Trusted Zone I get
> prompted over the Internet but also when connected to the network.
>