469,270 Members | 1,172 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,270 developers. It's quick & easy.

IIS Security strange things

I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).

Website uses an Integrated Windows Authentication as Authentication method
in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always
get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any reason
website cannot recognize that user as a valid internal user.

Any ideas? Thank you
Nov 18 '05 #1
4 1070
Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:OS*************@TK2MSFTNGP12.phx.gbl...
I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).

Website uses an Integrated Windows Authentication as Authentication method
in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always
get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any reason website cannot recognize that user as a valid internal user.

Any ideas? Thank you

Nov 18 '05 #2
Hi, Arvind

yes, he has the default level (medium low) for the intranet zone
and in addition that site inserted in Local Intranet Site List
(Security - Sites - Advanced...)

Alexey
"Arvind P Rangan" <ar******@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:OS*************@TK2MSFTNGP12.phx.gbl...
I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).
Website uses an Integrated Windows Authentication as Authentication method in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any

reason
website cannot recognize that user as a valid internal user.

Any ideas? Thank you


Nov 18 '05 #3
Alexey,
Click on Custom Level
and in that See what is selected for User Authentication.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hi, Arvind

yes, he has the default level (medium low) for the intranet zone
and in addition that site inserted in Local Intranet Site List
(Security - Sites - Advanced...)

Alexey
"Arvind P Rangan" <ar******@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:OS*************@TK2MSFTNGP12.phx.gbl...
I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).
Website uses an Integrated Windows Authentication as Authentication method in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any

reason
website cannot recognize that user as a valid internal user.

Any ideas? Thank you



Nov 18 '05 #4
User Authentication
Logon
Automatic logon only in Intranet zone

-----------------
Any ideas?

Alexey

"Arvind P Rangan" <ar******@hotmail.com> wrote in message
news:uw**************@tk2msftngp13.phx.gbl...
Alexey,
Click on Custom Level
and in that See what is selected for User Authentication.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hi, Arvind

yes, he has the default level (medium low) for the intranet zone
and in addition that site inserted in Local Intranet Site List
(Security - Sites - Advanced...)

Alexey
"Arvind P Rangan" <ar******@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind
"Alexey Smirnov" <re************@smalig.com> wrote in message
news:OS*************@TK2MSFTNGP12.phx.gbl...
> I have intranet application based on ASP.NET on Win2000AS (Framework

1.1).
>
> Website uses an Integrated Windows Authentication as Authentication

method
> in IIS and has following security configuration in the web.config
>
> ------------------------------------------
> <identity impersonate="false" />
>
> <authentication mode="Windows" />
> <authorization>
> <deny users="?" />
> </authorization>
>
> <customErrors defaultRedirect="CustomError.aspx" mode="Off">
> <error statusCode="401" redirect="Custom401.html"/>
> </customErrors>
> ------------------------------------------
>
> And everything goes fine for 99.9% users and not for one only, who

always
> get a popup login window to login this website.
> He has WinXP box, with latest browser, like many others, but for any
reason
> website cannot recognize that user as a valid internal user.
>
> Any ideas? Thank you
>
>



Nov 18 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

10 posts views Thread by SmartBloke | last post: by
4 posts views Thread by Archibald | last post: by
15 posts views Thread by osfwofujro | last post: by
13 posts views Thread by raykyoto | last post: by
116 posts views Thread by Mike MacSween | last post: by
reply views Thread by Charles Leonard | last post: by
6 posts views Thread by comp.lang.php | last post: by
4 posts views Thread by tony | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.