« Previous Next »

• 12-11-2008, 3:29 PM

  alan.smithee Joined on 12-11-2008, 3:07 PM Posts 2

  Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact Hi, Can I set a default domain when using Integrated Windows Authentication?  If I choose Basic Authentication under the Directory Security tab, I am allowed to choose a default domain that users are authenticated against, but I'd rather use Integrated Windows Auth.  However, if I choose Integrated Windows Authentication, it defaults to the local web server that the site is running on.  So, when users get prompted to log in, they have to remember to put the domain in front of their login name, which I'd like to avoid.  This is for an intranet application written in ASP.NET 2.0 running on IIS 5/Windows 2000 web server authenticating against Active Directory.  Thanks, AS

• 12-11-2008, 3:55 PM

  In reply to

  Egon Joined on 05-23-2006, 8:10 PM Italy (BZ) Posts 12	Re: Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact Are you sure that IE is trying to log on? By default IE only logs on automatically to Websites in its Intranet Zone. ~egon

• 12-11-2008, 4:27 PM

  In reply to

  tomkmvp Joined on 03-20-2003, 10:27 AM Central NJ Posts 6,158

  Re: Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact No, and by definition that does not make sense.  The "default" domain is the same domain that the client computer is logged onto.  When configured correctly, the user is never prompted and his domain credentials are passed by the browser.  Is IE configured for this? http://support.microsoft.com/kb/258063 Tom Kaminski IIS MVP http://mvp.support.microsoft.com/ http://blogs.iis.net/tomkmvp/ http://www.linkedin.com/pub/8/690/408 http://www.bluesrepublic.org/

• 12-11-2008, 4:42 PM

  In reply to

  Egon Joined on 05-23-2006, 8:10 PM Italy (BZ) Posts 12	Re: Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact Hi Tom, on my experience User Domain Information is included in NTLM/Negotiate during a Autologon. So no Default Domain information is needet. But if AuthN fails or Autologon is disabled IE asks for Username/Password. The Default Domain for this Popup can be changed? ~egon

• 12-12-2008, 8:15 AM

  In reply to

  tomkmvp Joined on 03-20-2003, 10:27 AM Central NJ Posts 6,158	Re: Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact No it can't. Tom Kaminski IIS MVP http://mvp.support.microsoft.com/ http://blogs.iis.net/tomkmvp/ http://www.linkedin.com/pub/8/690/408 http://www.bluesrepublic.org/

• 12-13-2008, 11:55 AM

  In reply to

  alan.smithee Joined on 12-11-2008, 3:07 PM Posts 2

  Re: Basic Authentication vs. Integrated Windows Authentication - Default Domain Reply Contact Thanks Tom, that makes sense and I found out the problem from the link you sent.  IE didn't think the site was in the intranet because I used the FQDN and it wasn't in my trusted sites.  By just using the server name, e.g. http://mysite/myapp/mypage.aspx, IE considered the request local and integrated auth worked (no prompt).  Thanks!