My network environment consists of a domain with active directory(Win 2003
Server). My web application sits on IIS located outside the domain. The web
application is accessible through port 80 and without single sign on,
requires user to enter username/password to gain access to the web
application contents. A common identity has been constructed and stored in
LDAP (open ldap- port 389 is open) located inside the domain. This common
identity is the user's username used to logon to the domain/active
directory.
To achieve single sign on, it is expected that when a user logons to the
domain/active directory, he/she could access the web application (which sits
on IIS outside the domain) without having to go through the logon process
again. That means the user's credential (username) must be send over to the
IIS which will use it to authenticate against LDAP sitting inside the
domain. If the user is authenticated, the logon page will be by passed
allowing user a direct access to the web application content.
My question:
1. Can Microsft ISA server solve the above mentioned scenario ?
2. Is there a need to develop a filter on ISA server to achieve the above ?
Unknown Domain user - domain authentication appears limited ...IIS or Domain problem, it appears that it is actually a security ... When I tried this on the new server configuration I received the following ... due to the following error: Logon failure: the user has not been granted the ...requested logon type at this computer. ... (microsoft.public.windows.server.security)
Re: Users no longer authenticate on W2k-svr ... Prefix the username with the target machinename. ..."Jutta" wrote in message ... > The W2k server is a standalone server which is used for ... > c$] and I get a login prompt, I also cannot logon.... (microsoft.public.win2000.networking)
Re: Anonymous works 1 Day ?? ... - This server IS member of a domain. ... There is no group policy...logon type permission... ... I cleared the "Allow IIS to control password" and it SEEMS ... (microsoft.public.inetserver.iis.security)
Re: [PHP] Authentication ... If memory doesn't fail me, if you work with IIS and protect the source pages of the application so that IUSR_xxxxx doesn't have access to those files and instead grant access to the NT users or groups which you want, the IIS when working with IE clients will take care of that as long as they are all in the same domain. ... I did it with IIS 3 and IE4 and it worked, I am not completely sure about the details, but it is something you do in the server administration and you don't need to do any programming at all, if the person reaches the page it is because it is who he says it is. ... Otherwise, no browser will give you access to any sensitive information on the client machine, nothing that someone, anyone, might pick on the server side just by receiving a page request.... If you can find a JavaScript function to snoop the username,... (php.general)
Re: Need to find out the IP of someone trying to hack a server ... If you know that it's IIS, then it most likely is OWA or some other Website ... If all the connections in the IIS logs show the IP address of the ISA server,... I'm getting logon type 8, ... Having trouble finding a list of logon types referenced in event viewer. ... (microsoft.public.isa)
