IIS Security strange things

[Guest]

I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).

Website uses an Integrated Windows Authentication as Authentication method
in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always
get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any reason
website cannot recognize that user as a valid internal user.

Any ideas? Thank you

 

[Arvind P Rangan]

Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind

 

[Guest]

Hi, Arvind

yes, he has the default level (medium low) for the intranet zone
and in addition that site inserted in Local Intranet Site List
(Security - Sites - Advanced...)

Alexey

 

[Arvind P Rangan]

Alexey,
Click on Custom Level
and in that See what is selected for User Authentication.
Arvind

 

[Guest]

User Authentication
Logon
Automatic logon only in Intranet zone