Integrated Authentication - one way cross forest trust

From: mpriess (mpriess_at_directalliance.com)
Date: 02/06/04


Date: Fri, 6 Feb 2004 06:23:55 -0700

Hello everyone...here is my issue:

When attempting to access a website on IIS6 we receive a dialog box to enter
username and password. If we enter a domain\username and password of an
account that is in the same forest that the web server is in...we are
authenticated fine and the web page comes up.

However, if, from the same machine we enter in an account (prefixed with the
correct domain name) from the trusted domain (an account that is not in the
same forest as the web server...but does have permissions on the web site
and is in the trusted domain) we are unable to get past the authentication
pop up dialog box.

Some other important info:
There is a one way trust in place. All other authentication to the trusting
domain is fine. So, this would lead me to believe it is specific to IIS.
Another web server has been brought up and we are receiving the same auth
issues. SharePoint is running on this IIS server but the proper permissions
have been given to the user we are attempting to authenticate with so we do
not believe this has anything to do with the problem. Also, the firewall
between both subnets is being monitored and no traffic related to the
authentication or web requests is being dropped.

The security event log on the web server shows the following: (the domain
name has been changed here)

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: 2/6/2004
Time: 6:17:13 AM
User: NT AUTHORITY\SYSTEM
Computer: DAC-NMS
Description:
Logon Failure:
  Reason: An error occurred during logon
  User Name: mpriess
  Domain: dom123
  Logon Type: 3
  Logon Process: NtLmSsp
  Authentication Package: NTLM
  Workstation Name: DAC3812
  Status code: 0xC0000413
  Substatus code: 0x0
  Caller User Name: -
  Caller Domain: -
  Caller Logon ID: -
  Caller Process ID: -
  Transited Services: -
  Source Network Address: 172.31.7.55
  Source Port: 4200

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
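
An added example, not part of the original post: a small Python triage helper that parses the description of a failed-logon record like the Event ID 537 above and decodes its status code. The sample text is an excerpt of the record quoted in the post, the NTSTATUS names are those in Microsoft's ntstatus.h, and the function names are hypothetical.

```python
import re

# NTSTATUS values and names as defined in Microsoft's ntstatus.h.
NTSTATUS = {
    0xC0000064: "STATUS_NO_SUCH_USER",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC000006D: "STATUS_LOGON_FAILURE",
    0xC0000413: "STATUS_AUTHENTICATION_FIREWALL_FAILED",
}

# Excerpt of the Event ID 537 description quoted in the post above.
SAMPLE_537 = """\
Logon Failure:
  Reason: An error occurred during logon
  User Name: mpriess
  Domain: dom123
  Logon Type: 3
  Authentication Package: NTLM
  Workstation Name: DAC3812
  Status code: 0xC0000413
  Substatus code: 0x0
  Source Network Address: 172.31.7.55
"""

# One 'Name: value' line; the name ends at the first colon.
FIELD = re.compile(r"^\s*([A-Za-z][A-Za-z ]*?):[ \t]*(.*?)\s*$")

def parse_description(text):
    """Return the 'Name: value' pairs of an event description as a dict."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and m.group(2):  # skip headings such as 'Logon Failure:'
            fields[m.group(1)] = m.group(2)
    return fields

def triage(text):
    """Summarise a failed-logon event: who, how, from where, and why."""
    f = parse_description(text)
    status = int(f["Status code"], 16)
    sub = int(f.get("Substatus code", "0x0"), 16)
    return {
        "account": f'{f["Domain"]}\\{f["User Name"]}',
        "network_logon": f["Logon Type"] == "3",
        "package": f["Authentication Package"],
        "source": f["Source Network Address"],
        "status": NTSTATUS.get(status, f"unknown 0x{status:08X}"),
        "substatus": NTSTATUS.get(sub) if sub else None,
    }
```

For the record above, `triage(SAMPLE_537)["status"]` is `STATUS_AUTHENTICATION_FIREWALL_FAILED`, which Microsoft documents as: the machine is protected by an authentication firewall and the specified account is not allowed to authenticate to it.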


