Integrated authentication and setinfo to AD 1

[micronmega]

i setup a web page that allows our support group to unlock accounts and reset passwords. It works great when i force basic authentication. When i remove basic authentication, and turn on integrated authentication, it fails with access denied on the setinfo command.

I've changed Com to impersonate, and i've made the compter account be trusted for delegation in AD. All my clients are win2k and this is running on iis5. The page is able to identify the person accessing it, for example by doing repsonse.write (request.servervariables("logon_user&quot it returns my account when i access it, and i'm domain admin.

I just want to be able to not use Basic authentication, anyone have any ideas as to what i am missing?

Thanks

 

[jonscott8]

You'll need to set the user accounts to be trusted for delegation as well. I'm also assuming your AD runs in native, not mixed mode.

I've got an article that thoroughly discusses your obstacles, if I can dig up, I'll post.

Jon Hawkins

 

[micronmega]

That article would be great, thanks. I'll try the account delegation too.

 

[jonscott8]

http://www.serverwatch.com/tutorials/article.php/1499741

You'll want the "Accessing Active Directory via Active Server Pages" series, specifically your interest will start with Part 2.

Jon Hawkins