Our is a web application in .net1.1 with IIS 6.0 and Win 2003 Server.

We need to have a WebLogin (authenticating User ID and Password)  and the NT
 users should be able to Login with out giving any password.

We have tried the conventional approach of keeping a separate page for NT us
ers and keeping it in a separate folder say NT folder under the root web app
lication folder. NT users will be calling this page for Login.

The NT folder will have only the "Integrated Windows Authentication " select
ed. The root Web application folder will have "Enable Anonymous Access Check
ed". On doing this in the NTLogin page Request.ServerVariables["AUTH_USER"]i
s coming as blank. I guess this means the NTLogin is not validated in this p
age and anonymous Login is happening. 

This approach used to work in older versions of IIS.

If you can suggest any alternate approach or Security settings for the same 
approach it will be of great help

Regards
Bobby

[ Post a follow-up to this message ]