Integrated Windows Authentication problem

J

Jimmy J.

I have a website, that works perfectly locally - it works perfectly, setting
it up on the Development server, but then, when we set itup on the
Production server (all using same SQL Server), when accessing the site
(another intranet server), it prompts for username and password,
Windows-style, which is not what we want -

IWA is checked (alone) in IIS, In the Web.Config file, Impersonate is set
to true, and Authentication Mode is set to Windows.

I'm assuming IIS is setup differently on the Production server, but the guy
who does that isn't sure what that might be.

Is there something in IIS I need to change/add, other than checking IWA, to
make this work like the other servers/computers?
 
G

Guest

I have a website, that works perfectly locally - it works perfectly, setting
it up on the Development server, but then, when we set itup on the
Production server (all using same SQL Server), when accessing the site
(another intranet server), it prompts for username and password,
Windows-style, which is not what we want -

IWA is checked (alone) in IIS, In the Web.Config file, Impersonate is set
to true, and Authentication Mode is set to Windows.
Click to expand...

Do you really need Impersonate=true?

It looks like your account doesn't have rights to access server (and
it works locally only)

----------------------------------
Set the NTFS access control list (ACL) for the xxx-directory to allow
access to only those identities that are in the xxx-group and any
required system accounts. You would need to be sure to include the
identity of the ASP.NET process. The identity of the ASP.NET process
for Windows 2000 Server or Windows NT is the local ASPNET account. The
identity of the ASP.NET process for Windows Server 2003 and later is
the identity of the IIS application pool, which by default is the
NETWORK SERVICE account.

source: http://msdn2.microsoft.com/en-us/library/134ec8tc.aspx
 
B

bruce barker

your iis box is probably setup with kerberos so credential delegation
will work. this forces the dialog. if you can turn off impersonate (or
host sqlserver on the iis box), then you can switch to ntlm like on your
dev box.

-- bruce (sqlwork.com)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ASP.NET Integrated Windows Authentication 2
Integrated Windows Authentication not working 1
IIS 7.0 and Windows Integrated Authentication? 1
Integrated Windows Authentication Problem 4
windows integrated authentication and impersonation 1
Windows Authentication 4
Integrated Windows Authentication ? 0
Integrated Authentication 1

Members online

Total: 38 (members: 2, guests: 36)
Robots: 337

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,058
Latest member
QQXCharlot

Latest Threads

Top