Question about windows integrated security

N

NWx

Hi,

I developed a small test app using ASP.NET. I left the vistual folder to be
accessible only with windows integrated security.
I try to access that app from another PC in my LAN. I don't have a domain
controller, the lan works with Workgroup.

When I access that page, I get a user login dialog, aking me to enter
username / password

I have an user account on that pc, and try to enter that username, and pass,
but autantication fail and I see that dialog again and again.

To be more specific

server pc is called TTMServer
PC I try to connect from is called TTMWS

On TTMServer I have a user account with administrative privileges, John,
password John22
On TTMWS I also have an account John, with pass John22, admin account type
too

I work on TTMWS, and I'm logged on account John

When I try to access my app

http://ttmserver/Testapp

I get the user login window.

I try enter user John or user TTMServer\John, and pass John22, but no luck.
I'm not autenticated, so I cannot see that page

What I did wrong? How someone over internet, who have a user account on a PC
hosting the web server, can access a app which uses Windows autentication ?

Thank you for any help
 
K

Ken Schaefer

Not only do you have enter a valid user account for the server, but that
user account needs to have appropriate NTFS permissions to the actual file
you want to read off the server's hard disk. I would check the NTFS
permissions on the server.

Cheers
Ken


: Hi,
:
: I developed a small test app using ASP.NET. I left the vistual folder to
be
: accessible only with windows integrated security.
: I try to access that app from another PC in my LAN. I don't have a domain
: controller, the lan works with Workgroup.
:
: When I access that page, I get a user login dialog, aking me to enter
: username / password
:
: I have an user account on that pc, and try to enter that username, and
pass,
: but autantication fail and I see that dialog again and again.
:
: To be more specific
:
: server pc is called TTMServer
: PC I try to connect from is called TTMWS
:
: On TTMServer I have a user account with administrative privileges, John,
: password John22
: On TTMWS I also have an account John, with pass John22, admin account type
: too
:
: I work on TTMWS, and I'm logged on account John
:
: When I try to access my app
:
: http://ttmserver/Testapp
:
: I get the user login window.
:
: I try enter user John or user TTMServer\John, and pass John22, but no
luck.
: I'm not autenticated, so I cannot see that page
:
: What I did wrong? How someone over internet, who have a user account on a
PC
: hosting the web server, can access a app which uses Windows autentication
?
:
: Thank you for any help
:
:
:
 
N

NWx

Hi,
Not only do you have enter a valid user account for the server, but that
user account needs to have appropriate NTFS permissions to the actual file
you want to read off the server's hard disk. I would check the NTFS
permissions on the server.
Click to expand...

User account I try to logon with has admnistrator rights, so it can access
and file and folder.

Do you have any other suggestion?

Thank you.
 
K

Ken Schaefer

It would be unusual for a local admin not to be able to access a page *but*
it is possible to remove access to admins from a page. Check the NTFS
permissions.

Next - I would enable auditing for "logon failures" if it's not currently
enabled. You will then see, in the security Event Log, and logon failure
event, recording the account that the server thinks it being used, and a
possible reason why the logon is failing.

What you have setup should work, but for some reason it's not, so we need to
try and work out where it's failing.

Cheers
Ken


: Hi,
:
: > Not only do you have enter a valid user account for the server, but that
: > user account needs to have appropriate NTFS permissions to the actual
file
: > you want to read off the server's hard disk. I would check the NTFS
: > permissions on the server.
:
: User account I try to logon with has admnistrator rights, so it can access
: and file and folder.
:
: Do you have any other suggestion?
:
: Thank you.
:
:
:
: >
: > Cheers
: > Ken
: >
: >
: > : > : Hi,
: > :
: > : I developed a small test app using ASP.NET. I left the vistual folder
to
: > be
: > : accessible only with windows integrated security.
: > : I try to access that app from another PC in my LAN. I don't have a
: domain
: > : controller, the lan works with Workgroup.
: > :
: > : When I access that page, I get a user login dialog, aking me to enter
: > : username / password
: > :
: > : I have an user account on that pc, and try to enter that username, and
: > pass,
: > : but autantication fail and I see that dialog again and again.
: > :
: > : To be more specific
: > :
: > : server pc is called TTMServer
: > : PC I try to connect from is called TTMWS
: > :
: > : On TTMServer I have a user account with administrative privileges,
John,
: > : password John22
: > : On TTMWS I also have an account John, with pass John22, admin account
: type
: > : too
: > :
: > : I work on TTMWS, and I'm logged on account John
: > :
: > : When I try to access my app
: > :
: > : http://ttmserver/Testapp
: > :
: > : I get the user login window.
: > :
: > : I try enter user John or user TTMServer\John, and pass John22, but no
: > luck.
: > : I'm not autenticated, so I cannot see that page
: > :
: > : What I did wrong? How someone over internet, who have a user account
on
: a
: > PC
: > : hosting the web server, can access a app which uses Windows
: autentication
: > ?
: > :
: > : Thank you for any help
: > :
: > :
: > :
: >
: >
:
:
 
N

NWx

Hi,
It would be unusual for a local admin not to be able to access a page *but*
it is possible to remove access to admins from a page. Check the NTFS
permissions.
Click to expand...

This is a test server, so it cannot be accessed over internet
The virtual folder is located on a FAT32 drive, do there is no file or
folder restriction available.
Next - I would enable auditing for "logon failures" if it's not currently
enabled. You will then see, in the security Event Log, and logon failure
event, recording the account that the server thinks it being used, and a
possible reason why the logon is failing.
Click to expand...

Sorry to ask, but how can I do this? I don't know much beside basic settings
(minimum necessary to be able to setup virtual folder for a web app -
ASP.NET, ASP or PHP) about managing IIS.

Actually, I tried connecting to the server again, but probaly I changed
something since last time, and now I get a different behaviour: user logon
form opened by browser has TTMSERVER\Guest filled automatically in user
login, and it is disabled (so I cannot change it to John anymore), so I can
only enter a password.

What could be the reason for this?

Many thanks for your patience.

Cheers
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

asp.net sqlmembershipprovider integrated security 1
Connection pooling & Windows Integrated Security 0
Integrated Windows Authentication not working 1
Integrated authentication login window 0
Integrated Security Issue 10
ASP.NET Integrated Windows Authentication 2
HttpHandler and Windows Integrated Security 0
IIS 7.0 and Windows Integrated Authentication? 1

Members online

No members online now.
Total: 26 (members: 0, guests: 26)
Robots: 131

Forum statistics

Threads
473,776
Messages
2,569,603
Members
45,187
Latest member
RosaDemko

Latest Threads

Top