| Author |
 Topic  |
|
|
Nikkol
Forum Moderator
USA
6907 Posts |
 Posted - 20 June 2003 : 20:21:01
|
Maybe I'm just tired, but I'm having a heck of a time setting up a new forum using NT authentication. Here's what I've done:
Created a folder for the forum and made sure that the NTFS permissions on the folder were set so that only Domain Users, Administrators and SYSTEM showed.
Under IIS Manager, I set the properties Directory Security for that folder so that Anonymouse was uncheck and both Basic and Windows Integrated were checked.
Problem is, when I go to my new forum it never prompts me for my domain username and password ... I assume it is reading cookie info, but shouldn't the NTFS permissions that I set on the folder insure that a username and password are entered each time the forum is visited? I want to make sure that the username and password MUST be entered.
Thanks |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
|
|
Nikkol
Forum Moderator
USA
6907 Posts |
Posted - 20 June 2003 : 21:41:35
|
I tried deleting the cookie and that didn't help.
On top of it ... I don't have to enter a password to get into admin options. Is that normal?
Still need help with why I can access the site without having to put in a password. |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
 |
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 20 June 2003 : 21:45:42
|
| I've never used NT Authentication, and I've never really even looked at the code that is used for it. But, I'm think that it uses the same username/password that you used to login to Windows. |
|
|
|
Nikkol
Forum Moderator
USA
6907 Posts |
Posted - 20 June 2003 : 22:03:21
|
Yeah, but I'm not on our network right now. I'm accessing from the Internet, so you'd think it would prompt me for a username and password.
I ended up doing three things and I'm not sure which ended up making it work: I set it to use Basic Authentication and SSL only. I also have it configured as it's own application. One of those things seemed to have done the trick.
However, it's quite disconcerting that just setting the NTFS permissions and unchecking anonymous accessing wasn't enough. |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
|
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 20 June 2003 : 22:48:34
|
| Could the delay in the Browser Session expring account for why things didn't seem to "change" immedaitely ? or did you restart your browser between attempts ? |
Kiwihosting.Net - The Forum Hosting Specialists
|
|
|
|
Francodepaw
Junior Member
USA
111 Posts |
Posted - 20 June 2003 : 22:57:17
|
Mine is Intranet based, (1) Login and many Resource domains across the country.
Normal depends on how your network is set up. If your server is in DNS/WINS, you are logged into your login domain account and browse to http://myserver/ you will not be prompted for NT autentication.
If I browse to http://myserver.mydomain.com/ I am prompted to Authenticate. We set our users to have domain completion appended to their host name. Internet Explorer is not very bright it doesn't realize the my site is internal. To avoid being prompted we add http://myserver.mydomain.com/ to Local internet sites on security tab of Internet Explorer on the users pc. This is NT pass-through authentication.
Over VPN on a WINXP PC I add my resource domain to the manage network passwords dialog and I can log into my VPN and tunnel to my Intranet forum w/o being prompted to authenticate with NT.
Not being prompted to log in can be one of many things.
Trying to think back but I believe I have Basic Authentication unchecked as well. Will verify when I get back to work on Monday. |
|
|
|
Nikkol
Forum Moderator
USA
6907 Posts |
Posted - 20 June 2003 : 23:11:37
|
quote:
Originally posted by Gremlin
Could the delay in the Browser Session expring account for why things didn't seem to "change" immedaitely ? or did you restart your browser between attempts ?
I closed all browsers several times trying to troubleshoot it. |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
|
|
|
Nikkol
Forum Moderator
USA
6907 Posts |
Posted - 20 June 2003 : 23:13:04
|
quote:
Originally posted by Francodepaw
Mine is Intranet based, (1) Login and many Resource domains across the country.
Normal depends on how your network is set up. If your server is in DNS/WINS, you are logged into your login domain account and browse to http://myserver/ you will not be prompted for NT autentication.
If I browse to http://myserver.mydomain.com/ I am prompted to Authenticate. We set our users to have domain completion appended to their host name. Internet Explorer is not very bright it doesn't realize the my site is internal. To avoid being prompted we add http://myserver.mydomain.com/ to Local internet sites on security tab of Internet Explorer on the users pc. This is NT pass-through authentication.
Over VPN on a WINXP PC I add my resource domain to the manage network passwords dialog and I can log into my VPN and tunnel to my Intranet forum w/o being prompted to authenticate with NT.
Not being prompted to log in can be one of many things.
Trying to think back but I believe I have Basic Authentication unchecked as well. Will verify when I get back to work on Monday.
Like I said, I am outside the network right now and am not using VPN, so it should have prompted me for a password but did not. |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
|
|
| |
Topic |
|
Topic Locked
