Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Automatic authentication on Intranet 1

Status
Not open for further replies.

delsdba

Programmer
Oct 4, 2005
4
GB
Hi, I am fixing an ASP.NET Intranet and trying to authenticate users without using a password dialogue.

I have Windows authentication and impersonate on.

In the web.config file if I have something like
<system.web>
<authorization>
<allow users="myDomain\allowedgroup" />
</authorization>
</system.web>
then users can access the area fine

However as soon as I change it to
<system.web>
<authorization>
<allow users="myDomain\allowedgroup" />
<deny users ="*"/>
</authorization>
</system.web>
then users are asked for their username / password.

After they have supplied it they are fine but I would really like to remove this requirement.


We are on an Intranet so there must be a way of Windows passing IIS the required details.


In Directory Security tab of IIS I only have "Windows Integrated Authentication" enabled.


What change would be required for Windows / IE to pass the user/pass to IIS ?


Thanks in advance,
Dels
 
check out my FAQ - faq855-5377

what is the URL of your intranet site?
is it like webserver.domain.internal?

<system.web>
<authentication mode="Windows" />
<identity impersonate="true" />

<authorization>
<allow roles="DOMAIN\Domain Users"/>
<deny users="*"/>
</authorization>
</system.web>
 
thanks...
if its not the auth mode in web config, i think its like my buried comment at the bottom of the FAQ..(wrote it 2 years ago) so a little spaghetti on the coding.

One final point is that if you access your Intranet via IE5.5 or greater, AND you use the FQDN to connect ( then IWA will still prompt you for your credential UNLESS you add the site to your Intranet Zone in IE Internet Options. OR YOU CAN access the site WITHOUT a dot ( then it wont prompt you! It will be transparent.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top