IIS 5.0 IWA - Really need tips to solve this issue

IIS 5.0 IWA - Really need tips to solve this issue

am 02.10.2006 21:08:02 von PadmajaTChavali

Hi,

I am having an issue with IWA. This is the environment in which I am working
in.

Front end - Perl Page displayed on IE 6.0.
Web Server - IIS 5.0
Windows 2k

Default Web Server Properties:

Directory Security tab:
Annoynymous Access & Authentication Control: Integrated Windows
Authentication checkbox is checked.

This is a corporate intranet. We all sign into our desktops using our NT ID
and Password. All through the intranet, there is no need for our
authentication.

It is only when we want to see this perl page which displays financial
information, it is directed to a https site. When we click on this link, a
security certificate displays. We click "yes" and we are directed to this
page.

At the IE (IE6.0) front, within Tools ->Go to Tools > Internet Options>
on the Security Tab > Hightlight "Local Intranet" > click on Custom Level.

Download Signed ActiveX Control is selected.
User authentication settings: Automatic logon only in intranet zone.

Problem:

This web-site works for 99 percent of the people to see their financial
data. However some of the employees are not able to see the information. They
get prompted with a username and password dialog box. They should not be
seeing ths box since there is integrated windows authentication. This
scenario is with thos who work from home using VPNs. Now the windows
authentication is same as the windows authentication for those work from
office. But the VPN has a different set of password and username. VPNs should
not be the cause because it is just a means to get into the network.

Any idea why for these selected people, despite having their IE configured
as mentioned above, they cannot see this site? Any areas you might think
which I should look into...anything I might have missed.

Thanks.
--
Padmaja

Re: IIS 5.0 IWA - Really need tips to solve this issue

am 03.10.2006 02:18:56 von Ken Schaefer

Start by having a look at this article:

IE May Prompt You For a Password
http://support.microsoft.com/?id=258063

Just because you are using IWA doesn't mean that logon is automatic - it is
controlled by the browser.

Secondly, even if the browser attempts an autologon, if the crednetials
supplied are not valid then the user will be prompted to supply alternate
credetials. Look in the IIS logfiles to see what user account the browser is
initially attempting to logon using.

Cheers
ken



"Padmaja T Chavali" wrote in
message news:0A28F486-C784-4584-84C5-05BD3386B94F@microsoft.com...
> Hi,
>
> I am having an issue with IWA. This is the environment in which I am
> working
> in.
>
> Front end - Perl Page displayed on IE 6.0.
> Web Server - IIS 5.0
> Windows 2k
>
> Default Web Server Properties:
>
> Directory Security tab:
> Annoynymous Access & Authentication Control: Integrated Windows
> Authentication checkbox is checked.
>
> This is a corporate intranet. We all sign into our desktops using our NT
> ID
> and Password. All through the intranet, there is no need for our
> authentication.
>
> It is only when we want to see this perl page which displays financial
> information, it is directed to a https site. When we click on this link, a
> security certificate displays. We click "yes" and we are directed to this
> page.
>
> At the IE (IE6.0) front, within Tools ->Go to Tools > Internet Options>
> on the Security Tab > Hightlight "Local Intranet" > click on Custom Level.
>
> Download Signed ActiveX Control is selected.
> User authentication settings: Automatic logon only in intranet zone.
>
> Problem:
>
> This web-site works for 99 percent of the people to see their financial
> data. However some of the employees are not able to see the information.
> They
> get prompted with a username and password dialog box. They should not be
> seeing ths box since there is integrated windows authentication. This
> scenario is with thos who work from home using VPNs. Now the windows
> authentication is same as the windows authentication for those work from
> office. But the VPN has a different set of password and username. VPNs
> should
> not be the cause because it is just a means to get into the network.
>
> Any idea why for these selected people, despite having their IE configured
> as mentioned above, they cannot see this site? Any areas you might think
> which I should look into...anything I might have missed.
>
> Thanks.
> --
> Padmaja