IIS 7 and Above
PrintRelease solution, Authentication and ISS
Last post Oct 11, 2018 01:22 PM by nkaretnikov
Oct 03, 2018 02:58 PM|nkaretnikov|LINK
So, there is this PrintRelease solution developed by some vendor and it runs on IIS 7.0, Windows 2012R2, .NET 4.6.2
They have implemented a private portal for users to upload documents into print queue.
In this portal users logon with their AD accounts.
It is noticed that sometimes IIS demands AD credentials and then does not (behavior varies from installation to installation. Within one setup it is either ON or OFF).
Would you please tell which information should be gathered to further investigate the reason?
Oct 04, 2018 06:18 AM|Terry Peng|LINK
>>It is noticed that sometimes IIS demands AD credentials and then does not (behavior varies from installation to installation. Within one setup it is either ON or OFF).
According to your description, Installation with one option ON make IIS demands Ad credentials and installation with the option OFF make IIS not demands Ad credentials, right? It sounds a correct result decided by design. So what's your problem now?
If you want to change an installed solution from OFF to ON, you could try to re-install the solution.
I think if IIS demands on Ad credentials should be related to the authentication setting. If you do not want to re-install the solution, please check the differences between authentications on the installation with the option ON or OFF. If they are different,
change the setting as the setting on installation with option ON.
By the way, I think the quickly solution should come from the development team. I would suggest you try to contact your vendor for help too.
Oct 05, 2018 10:30 AM|nkaretnikov|LINK
Thank you for the answer!
Indeed from the description I gave it may seem as a trivial thing.
However, neither of the suggested ways to proceed can not be done easily or fast.
Vendor only sells the package and has little interest in dealing with IIS.
Comparing is also impossible as various instances of the product are installed all around Russia and could not be accessed remotely.
In my LAB where the product is installed the IIS asks for login\password and I have no idea which options of the software\IIS control this behavior.
In general, is it up to a software to implement single sign on or is it up to IIS's configuration?
Oct 11, 2018 09:42 AM|Terry Peng|LINK
How do you know it is IIS asking for login/password? What happened?
If your application has a single page for signing in, it should be your application implement sign. In this situation, you have to connect to the development team for help.
If it is just the browser prompt for signing in, the site maybe disabled anonymous authentication and required windows authentication. You could try to go to Authentication to disable Windows Authentication and enable Anonymous Authentication.
Oct 11, 2018 01:22 PM|nkaretnikov|LINK
Thank you, Terry!
I did not think of authentication that vendor could implement. That makes a lot of sense now.