IIS Authentication Problem

[rewster]

Hi

I have just installed our intranet behind a ISA Server, I have set the authentication for Integrated Authentication. I have set up the ISA so the site can be viewed by staff at home. When the users type in the url they are asked for their login and it lets them browse. The problem comes when they try to use most things connected with a database, where they get a 401 error.

Any ideas?? Paul Rewston

 

[koquito]

Where is that database?
Is it web enabled?
Do users have read rights over it? A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 

[rewster]

The database is in a directory database one up from where the .asp page is. The database is a Microsoft MDB, how do I check if it is web enabled?. According to the ODBC DSN connection it is read only, the folder permissions are set to authenticated user read.

It turns out that this seems to only affect users on a UK isp called NTLworld. They use a proxy service. could this cause problems with the authentication, other users at college can get to and use this database without a problem on other ISPs.
Paul Rewston

 

[koquito]

Well , it's not a problem of web enabled if you are using DSN.
MAke sure your outside users are prompted for authentication. You can chek this by going to IExplorer-->Tools-->INternet Options-->Security-->Internet-->Custom level-->allthe way down where it says User Authentication.
A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 

[koquito]

What I meant was their (outside users) IExplorer. A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 

[GiaBetiu]

Integrated Authentication is designed for internal networks (NTLM protocol). Once you are having a proxy between clients and the server this will not work. Sometimes is working if the proxy can be configured for this.
Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[koquito]

Yes, that also counts, it depends what kind of authen tication you are using A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 

[rewster]

Thanks to everyone for all the help so far, the Authentication method does seems to be the problem, I have Integrated and Digest switched on. If I switch off the Integrated, which cannot go through the proxy, even though I get all the pages from home except any that access a database.

The only problem with just digest is that now all users inside the domain behind the firewall now have to authenticate when they use the intranet, which is why I have turn on Ingreated Authentication. Can I get the best of both worlds, ie no password if inside the domain and password when logging in from home.

Thank you Paul Rewston

 

[koquito]

In the intranet try IExplorer-->Tools-->INternet Options-->Security-->Internet-->Custom level-->all the way down where it says User Authentication.-->Automatic logon only in intranet zone.
A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)