Keep prompting for credential in accessing a website

Hi,

I have an intranet website using IIS 6.0 on a Win2003 server. It was
written in ASP.NET. In the IIS manager, I set up Authenticated access
to "Digest authentication for Window domain" with a valid Realm (with
a valid domain)

This works for everyone except one internal user. And the credential
that he is using is also valid, same credentials he uses for logging
onto the network.

If I check-off "Integrated Windows authentication" box in IIS, it
works perfectly for this user, however, when the user is prompt for
authentication dialogue box , he has to put in the domain in the user
name as well, i.e. domain\username, instead of just the username.

The whole reason of not having the "integrated window authentication"
is because users are complaining about typing that extra "domain" in
the username.

Can anyone please let me know why this particular user can't get
passed the authentication stage when "Integrated Windows
authentication" is unchecked? I really need to keep this option. And
this user need to access the site ASAP.

Please advice.

Thanks in advance. Your help would be greatly appreciated.

Re: Keep prompting for credential in accessing a website

sweetpotatop@yahoo.com wrote on Thu, 21 Jun 2007 06:34:33 -0700:

> Hi,
>
> I have an intranet website using IIS 6.0 on a Win2003 server. It was
> written in ASP.NET. In the IIS manager, I set up Authenticated access
> to "Digest authentication for Window domain" with a valid Realm (with
> a valid domain)
>
> This works for everyone except one internal user. And the credential
> that he is using is also valid, same credentials he uses for logging
> onto the network.
>
> If I check-off "Integrated Windows authentication" box in IIS, it
> works perfectly for this user, however, when the user is prompt for
> authentication dialogue box , he has to put in the domain in the user
> name as well, i.e. domain\username, instead of just the username.
>
> The whole reason of not having the "integrated window authentication"
> is because users are complaining about typing that extra "domain" in
> the username.
>
> Can anyone please let me know why this particular user can't get
> passed the authentication stage when "Integrated Windows
> authentication" is unchecked? I really need to keep this option. And
> this user need to access the site ASAP.
>
> Please advice.
>
> Thanks in advance. Your help would be greatly appreciated.

It would help if you included the details of which browser, including
version, this person is using, and whether they have any "security" software
installed (eg Norton Internet Security, ZoneAlarm, etc).

You could use Integrated Windows auth and have you users add the site
address to their Trusted Sites list - this will mean that if their logon
credentials match their Windows login name and password, they will
automatically login to the intranet site without seeing a login dialog.

Dan

Re: Keep prompting for credential in accessing a website

On Jun 22, 3:48 am, "Daniel Crichton" wrote:
> sweetpota...@yahoo.com wrote on Thu, 21 Jun 2007 06:34:33 -0700:
>
>
>
>
>
> > Hi,
>
> > I have an intranet website usingIIS6.0 on a Win2003 server. It was
> > written in ASP.NET. In theIISmanager, I set up Authenticated access
> > to "Digest authentication for Window domain" with a valid Realm (with
> > a valid domain)
>
> > This works for everyone except one internal user. And the credential
> > that he is using is also valid, same credentials he uses for logging
> > onto the network.
>
> > If I check-off "Integrated Windows authentication" box inIIS, it
> > works perfectly for this user, however, when the user is prompt for
> > authentication dialogue box , he has to put in the domain in the user
> > name as well, i.e. domain\username, instead of just the username.
>
> > The whole reason of not having the "integrated window authentication"
> > is because users are complaining about typing that extra "domain" in
> > the username.
>
> > Can anyone please let me know why this particular user can't get
> > passed the authentication stage when "Integrated Windows
> > authentication" is unchecked? I really need to keep this option. And
> > this user need to access the site ASAP.
>
> > Please advice.
>
> > Thanks in advance. Your help would be greatly appreciated.
>
> It would help if you included the details of which browser, including
> version, this person is using, and whether they have any "security" software
> installed (eg Norton Internet Security, ZoneAlarm, etc).
>
> You could use Integrated Windows auth and have you users add the site
> address to their Trusted Sites list - this will mean that if their logon
> credentials match their Windows login name and password, they will
> automatically login to the intranet site without seeing a login dialog.
>
> Dan- Hide quoted text -
>
> - Show quoted text -

Here is what happens:
I log in to my machine with my own network credential
-- if I log onto that site with my network credential it is fine.
-- if I am using that picticular user's credential it doesn't work. So
I belive it is nothing to do with the version of IE or installe
software.

What else can you suggest? Thanks in advance.
Wanda

Re: Keep prompting for credential in accessing a website

This might be browser related. A couple of things to check:

Go to the Internet Options on this user's browser and click on the security
tab. Then highlight the Local Intranet Icon on that window. Click on the
custom button and look and see if the Auto Logon only in Intranet Zone option
is selected. If it is, then go to the Advanced button and see if the URL(s)
that the user is accessing is in the Local Intranet Zone. If they are not,
then add them. You can also use a wildcard in the URL to cover multiple
aliases and addresses.

What happens is that if you are using auto logon only in the Intranet zone
and there are no entries in the Intranet zone, then IE does not know what to
do with the credentials and it does not know what to supply for credentials.
The part I can never figure out is why when you enter in your UserID and
password correctly does the logon prompt keep popping up? That part seems
buggy to me. However, i have never had this adding URL's in the intranet zone
not resolve this issue.

Good Luck

"sweetpotatop@yahoo.com" wrote:

> On Jun 22, 3:48 am, "Daniel Crichton" wrote:
> > sweetpota...@yahoo.com wrote on Thu, 21 Jun 2007 06:34:33 -0700:
> >
> >
> >
> >
> >
> > > Hi,
> >
> > > I have an intranet website usingIIS6.0 on a Win2003 server. It was
> > > written in ASP.NET. In theIISmanager, I set up Authenticated access
> > > to "Digest authentication for Window domain" with a valid Realm (with
> > > a valid domain)
> >
> > > This works for everyone except one internal user. And the credential
> > > that he is using is also valid, same credentials he uses for logging
> > > onto the network.
> >
> > > If I check-off "Integrated Windows authentication" box inIIS, it
> > > works perfectly for this user, however, when the user is prompt for
> > > authentication dialogue box , he has to put in the domain in the user
> > > name as well, i.e. domain\username, instead of just the username.
> >
> > > The whole reason of not having the "integrated window authentication"
> > > is because users are complaining about typing that extra "domain" in
> > > the username.
> >
> > > Can anyone please let me know why this particular user can't get
> > > passed the authentication stage when "Integrated Windows
> > > authentication" is unchecked? I really need to keep this option. And
> > > this user need to access the site ASAP.
> >
> > > Please advice.
> >
> > > Thanks in advance. Your help would be greatly appreciated.
> >
> > It would help if you included the details of which browser, including
> > version, this person is using, and whether they have any "security" software
> > installed (eg Norton Internet Security, ZoneAlarm, etc).
> >
> > You could use Integrated Windows auth and have you users add the site
> > address to their Trusted Sites list - this will mean that if their logon
> > credentials match their Windows login name and password, they will
> > automatically login to the intranet site without seeing a login dialog.
> >
> > Dan- Hide quoted text -
> >
> > - Show quoted text -
>
> Here is what happens:
> I log in to my machine with my own network credential
> -- if I log onto that site with my network credential it is fine.
> -- if I am using that picticular user's credential it doesn't work. So
> I belive it is nothing to do with the version of IE or installe
> software.
>
> What else can you suggest? Thanks in advance.
> Wanda
>
>
>