Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Checklist for IIS 6/ASP.NET Windows Authentication?

Tags:

authentication

asp.net

iis

active-directory

I've been having trouble getting my ASP.NET application to automatically log users into the Intranet site I'm building. No matter the googling or the experimentation I applied, there is always a login box displayed by IE7.

I've got Windows authentication mode set in the Web.config, disabled anonymous access and configured the correct default domain in IIS, but it's still asking the user to log in and, more annoyingly, the user is required to provide the domain too (DOMAIN\auser), which is causing problems with non-technical visitors. Thank Zeus for password remembering functionality.

I'm not the network administrator so it's possible that something about Active Directory is set up incorrectly, or it could just be me missing something very simple. Please note that I don't want to impersonate the user, I just need to know that the IPrincipal.Name property matches that of a valid record in my user database, hence authenticating the user to my application.

To this end, it would be very useful to have a checklist of all configuration requirements for AD, ASP.NET and IIS to work together in this manner as a reference for debugging and hopefully reducing some user friction.

like image 855
tags2k Avatar asked Aug 03 '08 11:08

tags2k

People also ask

How does Windows Authentication work in IIS?

Authentication: The client generates and hashes a response and sends it to the IIS server. The server receives the challenge-hashed response and compares it to what it knows to be the appropriate response. If the received response matches the expected response, the user is successfully authenticated to the server.

2 Answers

It sounds like you've covered all the server-side bases--maybe it's a client issue? I assume your users have integrated authentication enabled in IE7? (Tools -> Internet Options -> Advanced -> Security). This is enabled by default.

Also, is your site correctly recognized by IE7 as being in the Local Intranet zone? The IE7 default is to allow automatic logon only in that zone, so users would be prompted if IE thinks your site is on the internet. I believe using a hostname with a dot in it causes IE to place the site into the Internet zone.

like image 178
Mike Powell Avatar answered Sep 29 '22 19:09

Mike Powell

  1. Open Active Directory Users and Computers MMC snap in

  2. Expand computers section from TreeView (left side)

  3. Check if the computer is registered in your domain.

Also, you have to login with a domain account on that computer, otherwise that authentication box will be shown.

like image 37
Dani Avatar answered Sep 29 '22 19:09

Dani
Sign in to Comment

Related questions

Cannot instantiate proxy of class error
Web api not supporting POST method
How to get all the values from appsettings key which starts with specific name and pass this to any array?
Easiest way to parse JSON response
How to pass values across the pages in ASP.net without using Session
How to check if IIS is in 32bit or 64bit mode
FormCollection Empty on Form Post in ASP.NET-MVC
Match two fields with jQuery validate plugin
Asp.Net Session is null in ashx file
Usage of the ASP.NET MVC4 jquery/javascript bundles
c# - How to get sum of the values from List?
How to determine whether an IP address is private?
How to launch an EXE from Web page (asp.net)
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'
Easiest way to parse "querystring" formatted data
Asp.net mvc3 razor with multiple submit buttons
Passing multiple argument through CommandArgument of Button in Asp.net
How to determine if compilation debug="true" in web.config
How to use ASP.NET Identity 3.0 without Entity Framework [closed]
How to use Castle Windsor with ASP.Net web forms?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!