NTLM Authentication on IIS 6.0
am 07.11.2006 23:45:54 von kaverorzi
I have an Intranet site set up on IIS 6.0 and have an intermitten
problem. A couple of areas on the Intranet are restricted. We have
Windows Intergrated Authentication enabled on the couple of pages that
require access. I have a security group set up with only the users who
require access and the group has full control. No other account has
access. The problem happens to everyone in the security group.
Sometimes a user can go for two weeks without being prompted for
username/password and sometimes it happens two or three times a day.
When I click the link and am prompted, I use my userid/password and
authentacation fails. I use the administrator un/pw and that fails.
Other users use their logons and fails also. Now everytime I am
prompted and use the local administrator username/password for that
server, it works everytime. I know that NtAuthenticationProviders is
set to Negotiate,NTLM since that is supposed to be the default, and I
never changed it. The following is logged to the security log when
unable to access the intranet page:
11/7/2006 4:32:35 PM Security Failure Audit Account Logon 680 NT
AUTHORITY\SYSTEM FEC-2KNT4 "Logon attempt
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: administrator
Source Workstation: IT_OPERATOR
Error Code: 0xC000006A
The 529 event it also will show up but that is the usual logon failure
I often see returned for all kinds of authentacition problems.
I can't seem to be able to figure out what I have configured wrong and
why it is intermitten. If it failed every single time this wouldn't
seem as strange to me. Any suggestions would be greatly appreciated.
Thanks!
Rick
Re: NTLM Authentication on IIS 6.0
am 09.11.2006 10:07:40 von Ken Schaefer
0xC000006A = STATUS_WRONG_PASSWORD
You may wish to check that you don't have any issues with the webserver
connecting to the Domain Controller to verify usernames/passwords
Cheers
Ken
wrote in message
news:1162939554.082625.192970@m7g2000cwm.googlegroups.com...
>I have an Intranet site set up on IIS 6.0 and have an intermitten
> problem. A couple of areas on the Intranet are restricted. We have
> Windows Intergrated Authentication enabled on the couple of pages that
> require access. I have a security group set up with only the users who
> require access and the group has full control. No other account has
> access. The problem happens to everyone in the security group.
> Sometimes a user can go for two weeks without being prompted for
> username/password and sometimes it happens two or three times a day.
> When I click the link and am prompted, I use my userid/password and
> authentacation fails. I use the administrator un/pw and that fails.
> Other users use their logons and fails also. Now everytime I am
> prompted and use the local administrator username/password for that
> server, it works everytime. I know that NtAuthenticationProviders is
> set to Negotiate,NTLM since that is supposed to be the default, and I
> never changed it. The following is logged to the security log when
> unable to access the intranet page:
> 11/7/2006 4:32:35 PM Security Failure Audit Account Logon 680 NT
> AUTHORITY\SYSTEM FEC-2KNT4 "Logon attempt
> by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Logon account: administrator
> Source Workstation: IT_OPERATOR
> Error Code: 0xC000006A
>
> The 529 event it also will show up but that is the usual logon failure
> I often see returned for all kinds of authentacition problems.
>
> I can't seem to be able to figure out what I have configured wrong and
> why it is intermitten. If it failed every single time this wouldn't
> seem as strange to me. Any suggestions would be greatly appreciated.
>
> Thanks!
>
> Rick
>
Re: NTLM Authentication on IIS 6.0
am 09.11.2006 21:28:02 von kaverorzi
kaverorzi@gmail.com wrote:
> I have an Intranet site set up on IIS 6.0 and have an intermitten
> problem. A couple of areas on the Intranet are restricted. We have
> Windows Intergrated Authentication enabled on the couple of pages that
> require access. I have a security group set up with only the users who
> require access and the group has full control. No other account has
> access. The problem happens to everyone in the security group.
> Sometimes a user can go for two weeks without being prompted for
> username/password and sometimes it happens two or three times a day.
> When I click the link and am prompted, I use my userid/password and
> authentacation fails. I use the administrator un/pw and that fails.
> Other users use their logons and fails also. Now everytime I am
> prompted and use the local administrator username/password for that
> server, it works everytime. I know that NtAuthenticationProviders is
> set to Negotiate,NTLM since that is supposed to be the default, and I
> never changed it. The following is logged to the security log when
> unable to access the intranet page:
> 11/7/2006 4:32:35 PM Security Failure Audit Account Logon 680 NT
> AUTHORITY\SYSTEM FEC-2KNT4 "Logon attempt
> by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Logon account: administrator
> Source Workstation: IT_OPERATOR
> Error Code: 0xC000006A
>
> The 529 event it also will show up but that is the usual logon failure
> I often see returned for all kinds of authentacition problems.
>
> I can't seem to be able to figure out what I have configured wrong and
> why it is intermitten. If it failed every single time this wouldn't
> seem as strange to me. Any suggestions would be greatly appreciated.
>
> Thanks!
>
> Rick
I think I left out something that may be important. The web server is
running under a local account. That hasn't been a problem so far. I can
access the shared folders on that server no problem from the other
servers and workstations. Normal Intranet pages work fine also. Of
course when I am on the web server and want to access another server I
must supply some credentials. Could not having that server run under a
domain account be causing the problem intermittently? From my
understanding it shouldn't matter but I have been wrong before.
Thanks!
Rick