IIS 7 and Above
Last post Nov 29, 2019 09:35 AM by Yuk Ding
Nov 27, 2019 07:10 PM|Hassan.m|LINK
I have a .NET 6 application (asp mvc) running under IIS 10 on Windows 2016 server and cannot get integrated windows authentication working properly as I continue to get prompted for a login. I have set Windows Authentication to enabled in IIS with all other
security types disabled and my application web.config file authentication/authorization is set up as:
<deny users = "?" />
With this setup, I'm expecting behind the scene verification of the Windows user to allow access and deny anonymous users. However, what I'm getting is a Windows login pop-up when I try to access the site.
I really appreciate any help anyone can provide so that I'm still using only windows authentication but don't get the pop-up and the windows authentication is performed against the actual Windows user.
Nov 29, 2019 09:35 AM|Yuk Ding|LINK
If you are accessing your website via IP address or localhost, then IIS would probably use NTLM authentication. If it keep falling, please try to Enable
1.Navigate to registry : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
2.Click on Lsa Registry and add DisableLoopbackCheck registry key as
3.Then double-click the key and Enter 1.
If you are accessing your website via domain name.
For example if your server's AD is a.com and your site's public domain is www.b.com. Then your
website will use Kerberos authentication instead of NTLM you have to register www.b.com as SPN for your AD domain user.