LOGON_USER / NT Security

[Ray at]

Use integrated authentication and make sure your users access the site using
a domain with no .'s in it, i.e. http://intranet as opposed to
http://iisserver.yourdomain.com. IE will pass the user's logon credentials
to the server silently in the intranet zone (no .'s in domain), by default.

Ray at work

 

[Maria]

I'm trying to get the NT login id of a user on a web page without making the
user type it into a login box. I'm using the LOGON_USER server variable.
The problem is, if the web page allows anonymous access, LOGON_USER returns
nothing. If the page is set to Basic Security, the NT login popup box comes
up, even though the user is already logged into the network, and HAS access
to this page. Moreover, if I try this on my PC instead of our webserver, it
works like I would expect. That is, when set to Basic Security, it does NOT
pop up a login box if the user is allowed to view the page, and LOGON_USER
returns the userid. Is there some setting on the server I need to change?
Or something else?

 

[Maria]

I'm not sure what you mean by integrated authentication. When I tried using
the machine name of the webserver, it still didn't work. The URL looked
like this: http://servername/folder/file.asp.

 

[Ray at]

I'm writing for Windows 2000/IIS 5:

IIS manager
Right click on the site or the directory
Click properties
Go to the Directory Security tab
Click the top Edit button (Anon access/authentication control)
Set Anonymous access to False
Set Integrated Windows authentication to True

Ray at work