IIS 5 & IIS 6
Basic Authentication vs. Integrated Windows Authentication - Default...
Last post Dec 13, 2008 11:55 AM by alan.smithee
Dec 11, 2008 03:29 PM|alan.smithee|LINK
Can I set a default domain when using Integrated Windows Authentication? If I choose Basic Authentication under the Directory Security tab, I am allowed to choose a default domain that users are authenticated against, but I'd rather use Integrated Windows
Auth. However, if I choose Integrated Windows Authentication, it defaults to the local web server that the site is running on. So, when users get prompted to log in, they have to remember to put the domain in front of their login name, which I'd like to
avoid. This is for an intranet application written in ASP.NET 2.0 running on IIS 5/Windows 2000 web server authenticating against Active Directory.
Dec 11, 2008 03:55 PM|Egon|LINK
Are you sure that IE is trying to log on? By default IE only logs on automatically to Websites in its Intranet Zone.
Dec 11, 2008 04:27 PM|tomkmvp|LINK
No, and by definition that does not make sense. The "default" domain is the same domain that the client computer is logged onto. When configured correctly, the user is never prompted and his domain credentials are passed by the browser. Is IE configured
Dec 11, 2008 04:42 PM|Egon|LINK
Hi Tom, on my experience User Domain Information is included in NTLM/Negotiate during a Autologon. So no Default Domain information is needet.
But if AuthN fails or Autologon is disabled IE asks for Username/Password.
The Default Domain for this Popup can be changed?
Dec 12, 2008 08:15 AM|tomkmvp|LINK
No it can't.
Dec 13, 2008 11:55 AM|alan.smithee|LINK
Thanks Tom, that makes sense and I found out the problem from the link you sent. IE didn't think the site was in the intranet because I used the FQDN and it wasn't in my trusted sites. By just using the server name, e.g.
http://mysite/myapp/mypage.aspx, IE considered the request local and integrated auth worked (no prompt).