Authentication Intranet Website Running Under IIS6?
Jan 17, 2011
I have an an intranet website running under IIS6 (under a specific port, not the default one) with a integrated windows authentication enabled and uses an application pool configured with a service account. the issue is, if I access the website using the server name with a fully qualified domain in the URL, it throws a login prompt (doesn't work even if enter my windows login credentials), but if I use the IP address of the server then it works fine. I need to do to get the URL with server name working.[URL]
View 3 Replies
Similar Messages:
Dec 6, 2010
We are having an issue with the windows authentication and IIS restart for asp.net application Our environment is an intranet site (an asp.net application ) that uses windows authentication, uses integrated security application pool, physical path credentials are set for a service account, who is admin for sql server, IIS etc. web.config - Connection string has Integrated Security = true, authentication = Windows, and authorization - deny *, allow = security group. Anytime we start - stop service (or restart) (IIS); and hit the website thru some other machine IE, it fails to show the website (401.2), and any subsequent hit to the website doesn't go thru.
However when we start the service, and hit the website on server's (where website is deployed) browser first time then everything works fine for subsequent hits from anywhere as long as authenticated on corp net and member of security group configured in web.config. This behavior however goes away if we uncheck the configuration "Enable Kernel-mode Authentication" on the asp.net application. ( but then Firefox browser stops working with this configuration!!) Why such behavior? In the documentation it states its recommended to keep it enabled. What is recommended way of publishing a website with windows authentication enabled? Any side effects of "Enable Kernel-mode Authentication" being unchecked ( other than what we found for firefox not working) Environment : IIS 7.5 windows 2008 Server R2, VS2008, SQL Server 2008, ASP.NET 2.0
View 5 Replies
Jul 8, 2010
We have developed a website in asp.net using windows authentication and deployed it on the intranet (IIS v6.0). Most of the times, when users try to access this website they are taken straight to the website, but occasionally some users get a prompt to enter their windows username and password. I understand that this could be caused because of several reasons like:
Cached active directory password. Recently active directory password changed. Active directory account locked out. I want to fix this issue for good because it is annoying the users.
View 1 Replies
Apr 16, 2010
To work with the ASP.NET 2.0 Membership and Role, we will use Forms authentication for the public Internet.
On the other hand, we use Windows authentication for Intranet applications. uestion: In a website with Windows authentication, can I still have some kind ofole management for different
groups of the Intranet users? If yes, how?
View 2 Replies
Mar 24, 2011
I'm trying to enable automatic Window authentication working on our ASP.NET Intranet. I've changed the Authentication on our IIS 7.5 server from Anonymous to Windows Authentication Enabled only, and changed the Web.config file for the website to:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
The Windows login box appears when accessing the website via IE 8, I enter valid credentials, but the login window keeps reappearing as if it does not accept my credentials. By repeatedly cancelling the login box it disappears, and my login name can be viewed on the website. Is there any possible reason for the login box to keep popping up even though valid credentials are being entered? I've restarted the servers / cleared browser cache etc. Also, ideally I would like the user to enter the login details once in the login box and not be required to reenter login details whenever he reopens the browser.
View 3 Replies
Aug 2, 2010
I am reaching the stage where my first web application is nearing completion and I want to look at running the aspx web application. The web application is going to be run on an internal server, so that only users of the network can access the web page.I am not sure of how I get my project from my pc onto the server and go about making so that I can open it in my browser,
View 3 Replies
Mar 21, 2011
am looking to add a contact page to my asp site that I am running vie IIS6.0I have created the page but just need help with the code i would also like to send the user to a thanks page once the Web Form has been sent.It also has a drop down menu and the email is sent to that address! If someone could help with the coding ect that would be a massive help. The codeing I have so far:
[Code]...
View 4 Replies
Jan 9, 2010
We also have sales rep that take call and use the same website to take the orders.
My boss wants me to allow the SR to only be able to take orders if they are in the network itself. When I ask why he tells me "just because".
I'm sure there's a way but I can't see it at the moment. How do I go by doing that? Also keep in mind that if the SR is outside the intranet, he can't be allowed to enter his active directory login/password (so the login window must not even show).
View 3 Replies
Jun 28, 2010
Do any of you guys have experience using Active Directory and the Intranet Zone to silent authentication with a local web site? I've done it in the past with 1.1 and 2.0 .NET, but this 3.5 site I have written doesn't seem to be working for some reason.In the past, how I have done it is:
In web.config, set:
<authentication mode="Windows"/>
In IIS 6, under directory security, check Integrated Windows authentication and Digets authentication for Windows domain servers, and set the realm to my domain, and uncheck Enable Anonymous access.The I add the Host Header for the site to the corporate Intranet Zone in Internet Explorer under trusted sites using Active Directory.And that's basically it. I've done it on plenty of intranet sites before, but with this 3.5 application I am still being propped to login. Anybody see any steps I missed?
View 12 Replies
Jan 7, 2010
I've a project using windows authentication and it will be used in intranet. The client itself already have a web application in their intranet and they built it with Java (they used windows authentication too). The problem occur when they want my web application only appear within their application content section.
What should I do? I did think about using iframe but some people said it's evil. And if I'm going to use iframe, is it save? My web application will use a few pop up window/modal window and ajax.
View 5 Replies
Jul 26, 2010
i m trying to set up an Intranet site with Windows Authentication. I have configured the web.config as shown below.
<authentication mode="Windows">
<roleManager enabled="true" />
I wanted to do authorization by roles so
<authorization>
<deny users ="?"/>
<allow roles="D820MySite_Developers, D820MySite_Admins"/>
</authorization>
I'm in the D820MySite_Developers group. When I attempt to login, it wants my password. I thought that with Windows Authentication it should not prompt for the password. If is use <allow user="*"/> it does not.
1. Is this the correct behavior?
2. My aspnetdb does not appear in the App_Data folder. Should it and is this causing the problem. If it should be there, how do I get it there?
3. I was under the impression that by using Windows Authentication, I can prevent users from accessing pages by folder. Is this provided by IIS or is this provided by Windows (using Windows Explorer)?
View 3 Replies
Feb 24, 2011
We would like to use AD authentication with our Intranet site to control what pages different users can access. I'm very new to ASP.net and would be interested in links to a how to description. We are using Visual Studio 2008.
View 1 Replies
Mar 23, 2010
I'm trying to set up Windows authentication on an intranet site. I have this code in the web.config:
<system.web>
<authentication mode="Windows"/>
<authorization>
<allow users="domainuser, domainuser2" />
<deny users="*" />
</authorization>
</system.web>
I can log in with my own credentials, but I have virtually all the rights in AD. User2 can not log in. The website is set to use Windows authentication in IIS manager. And I've tried setting permissions in IIS manager and NTFS permissions for the folde
View 3 Replies
Feb 26, 2010
The company I work for has a web app running on IIS that has been strictly internal (uses a port other than 80 not accessible to the internet). Recently we started using mobile devices and need to access it over the internet. So I simply made it part of our company web site and secured that portion using forms authentication. The problem is that it is also our home page in the office and it is a pain to be logging in several times a day. In fact some of the staff are irate they have to login in at all when at their workstations. Is there a way to by-pass authentication when the referrer is http://servername/ and still enforce it when accessed via http://www.domainname.com?
View 1 Replies
Dec 19, 2010
I have a site on domain1. I need to open a ModalDialog with a Page on domain2. My Domain2 is protected not to allow anonymous access so i get a login window like:
My problem is, for this one functionality, i want users to be able to see that ASPX, through the ModalDialog, without authenticating.
I tried using the ftp way:(URL)
and i get a javascript error.
My site is hosted in IIS6, Windows Server 2003 and i have full access to the server.
View 1 Replies
Jul 31, 2010
I am having an issue with IIS6 and intergrated windows authentication that is driving me nuts, and I am hoping one of you guys can point me in the right direction.
I have written an ASP.net 3.5 application, and have installed it on a Windows 2003 R2 SP2. I have turned on intergrated windows authentication on, turned off anonymous access. using local host on the server itself I have no problems, it works, picks up the NTlogin.
However when I go to a clients machine (logged in as one of the users of the domain) and try to access the website
http://10.1.1.22/ I get asked for a username and password. If i enter a valid user name and password then I have no probelms. The NTlogin is picked up, application works.
But my issue is why does it come up with a username and password at all? shouldn't it just know this user is already in the domain, just go straight through to iis? how can i get rid of this? I have read multiple forums about server delegation etc... metabase.xml... nothing seems to work
View 4 Replies
Oct 2, 2010
I am trying to build a web app for an intranet site that for security reasons needs to make the user type in their Windows or Active Directory username pwd manually. I have previously worked with Integrated Windows Auth but in this case, we do want them to use type in their AD credentials.
I have been trying to look up how to do this and frankly I am a bit lost. It should be a fairly straightforward task and am hoping you can point me in the right direction, with some tutorials or examples. We will be using SSL so, dont have to worry about passing pwd in cleartext over the wire.
My environment is visual studio 2008 in C#, .net 3.5 if that matters.
View 1 Replies
Apr 1, 2010
We're developping an application that uses forms authentication and URL rewriting (www.urlrewriter.net). In order to make extension-less URL rewriting possible we had to add a default application mapping for the asp.net aspnet_isapi.dll.
The problem we're experiencing now is that when the website is accessed by http://www.myapp.com/ then the aspnet_isapi.dll gets the request and forms authentication forwards it to our login site, so the user gets redirected to http://www.myapp.com/login.aspx?ReturnUrl=%2f instead of having default.aspx displayed (which is allowed to anyone).
Here's the part of web.config dealing with forms auth:
<system.web>
<authorization>
<deny users="?"/>
<allow users="*" />
</authorization>
<authentication mode="Forms" >
<forms slidingExpiration="true" cookieless="UseCookies" defaultUrl="default.aspx" loginUrl="default.aspx" name="gzfb_site_test" timeout="525600"></forms>
</authentication>
</system.web>
<location path="default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
I did quite some research on this problem but didn't find any solution. Is this scenario possible at all, or does default application mapping and forms auth using <deny users="?"/> interfere by design?
P.S. the problems only manifest when running on IIS 6, the ASP.net Development Server handles it without any problems
View 2 Replies
Feb 15, 2011
I've been asked to upgrade a few applications and I'm planning on merging all of them into one asp.net application. I'm fine with this decision and have spoken with fellow workers and they also think it's the best option to go with.
The application will be accessed from a small group of users which belong to a larger domain. I'm currently planning on using Windows authentication and only allow this small set of users to access the asp.net application. Also there must be some role management, so that only certain users can view certain functionality.
I really don't want to have many different windows groups; so I want to avoid having to assign different windows groups to different folders and control permissions in the web.config.
What I'd like to do is:
- Assign one windows group to the small group of users who will access the page.
- Create a custom membership provider and control the user who accesses the application. Depending on the user I will then assign his current set of roles.
- Add an application setting to the web.config, with the name of the current administrator, so if he logs in, he will be assigned all roles, and will be able to create and assign roles to other users.
View 1 Replies
Dec 18, 2010
we are migrating existing windows form application to asp.net(3.5) intranet portal, there is a requirement whereby database connection should be made by the logged in windows user. Is it possible to achieve this functionality?
View 1 Replies
Mar 9, 2010
I'm new to .NET. And created a website using
ASP.net 3.5 (.aspx as frontend)
VB.net(aspx.vb as backend)
SQL Server 2000 as backend
Now I want to host the site within our intranet network. But I can't.
I don't know about web.config in detail.
View 2 Replies
Nov 12, 2010
I've recently enabled Digest Authentication on an intranet website/application I am creating for my company in ASP.NET.
The reason I have done so is because Windows Authentication seemed to only work for some users, and not for others. I could not figure out why nor do I know enough about IIS to try and trace the issue. After some trial and error, I found that digest authentication seemed to give me the behaviour that I wanted. That is: allow only users with a valid account on the domain to log in to the website with their credentials.
The problem now, is that Firefox (3+) seems to ask for the user to authenticate on every HTTP request sent to the server. This does not appear to occur in Internet Explorer (6+) or Chrome.
I've tried searching for solutions but I always arrive at dead-ends. I'll find a discussion about the issue, and every posted solution leads to a dead link...or it's on Experts Exchange and I don't have access to view to solution.
The issue appears to be related (from what I've read) to the way the different browsers send their authentication headers vs how IIS interprets them. I'm not sure what I can do to change this though? One of the solutions I had found mentioned writing an ISAPI filter to fix this, but of course the link to the finished filter was broken and I have no idea how to go about making one myself.
I've tried messing with the NTLM and other auth related strings in about:config to try and force Firefox to trust my server but that doesn't seem to work either.
From a few other sources I've read, it appears that everything should work if I switch back to Windows Authentication, but then I'm back at square one where the authentication would work only for some users and not others.
A solution for either problem would work for me, but I have very little information for the Windows Authentication issue. If someone could guide me through tracing the problem I'd gladly post more information for it as well.
[URL]
View 1 Replies
Jul 18, 2010
I am getting this error when trying to connect a database from another computer in my home network:
System.Data.SqlClient.SqlException : Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
this database is using windows authentication. sqlserver 2008.
What is the connectionstring that I need to use in order to get the database?
View 1 Replies
Jul 16, 2012
I am totally new in .Net 2010. I developed a website for and i want to use company intranet so that any body in LAN can use that website by using local URL of the website.
View 1 Replies
Feb 19, 2010
Recently I got a strange behavior, the website hangs and just doesn't reply unless I go to iis and restart either app pool or whole IIS - BUT what is the most strange thing is that in case I go to remote desktop of the server and try to access it locally it DOES work just fine. I read couple threads about deadlocking and hanging because of memory leaks and non closed sql connections BUT why it still does work from the local?In case there is something wrong with the code - why does it still work from locally?
View 2 Replies
