Integrated Authentication - one way cross forest trust

From: doug (anonymous_at_discussions.microsoft.com)
Date: 02/06/04


Date: Fri, 6 Feb 2004 06:31:03 -0800

Does this help?

http://www.eventid.net/display.asp?eventid=537&source=

doug
>-----Original Message-----
>Hello everyone...here is my issue:
>
>When attempting to access a website on IIS6 we receive a dialog box to enter
>username and password. If we enter a domain\username and password of an
>account that is in the same forest that the web server is in...we are
>authenticated fine and the web page comes up.
>
>However, if, from the same machine we enter in an account (prefixed with the
>correct domain name) from the trusted domain (an account that is not in the
>same forest as the web server...but does have permissions on the web site
>and is in the trusted domain) we are unable to get past the authentication
>pop up dialog box.
>
>Some other important info:
>There is a one way trust in place. All other authentication to the trusting
>domain is fine. So, this would lead me to believe it is specific to IIS.
>Another web server has been brought up and we are receiving the same auth
>issues. Sharepoint is running on this IIS server but the proper permissions
>have been given to the user we are attempting to authenticate with so we do
>not believe this has anything to do with the problem. Also, the firewall
>between both subnets is being monitored and no traffic related to the
>authentication or web requests is being dropped.
>
>The security event log on the web server shows the following: (the domain
>name has been changed here)
>
>Event Type: Failure Audit
>Event Source: Security
>Event Category: Logon/Logoff
>Event ID: 537
>Date: 2/6/2004
>Time: 6:17:13 AM
>User: NT AUTHORITY\SYSTEM
>Computer: DAC-NMS
>Description:
>Logon Failure:
> Reason: An error occurred during logon
> User Name: mpriess
> Domain: dom123
> Logon Type: 3
> Logon Process: NtLmSsp
> Authentication Package: NTLM
> Workstation Name: DAC3812
> Status code: 0xC0000413
> Substatus code: 0x0
> Caller User Name: -
> Caller Domain: -
> Caller Logon ID: -
> Caller Process ID: -
> Transited Services: -
> Source Network Address: 172.31.7.55
> Source Port: 4200
>
>For more information, see Help and Support Center at
>http://go.microsoft.com/fwlink/events.asp.
>
>
>.
>
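
As an added example (not part of the original thread), the following Python parses the Event 537 text quoted above, mail quoting included, and decodes its status code. The function names and the abridged sample are this example's own; the NTSTATUS names are those in Windows' ntstatus.h, where 0xC0000413 is STATUS_AUTHENTICATION_FIREWALL_FAILED.

```python
# NTSTATUS logon-failure codes (names as in ntstatus.h).
NTSTATUS = {
    0xC0000064: "STATUS_NO_SUCH_USER",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC000006D: "STATUS_LOGON_FAILURE",
    0xC0000234: "STATUS_ACCOUNT_LOCKED_OUT",
    0xC0000413: "STATUS_AUTHENTICATION_FIREWALL_FAILED",
}
LOGON_TYPES = {2: "Interactive", 3: "Network", 4: "Batch", 5: "Service"}

# Event text copied from the quoted post, abridged; '>' quoting left in.
SAMPLE = """\
>Event ID: 537
> User Name: mpriess
> Domain: dom123
> Logon Type: 3
> Authentication Package: NTLM
> Workstation Name: DAC3812
> Status code: 0xC0000413
> Substatus code: 0x0
> Source Network Address: 172.31.7.55
"""

def parse_event(text):
    """Return {field: value} from a pasted event, ignoring '>' quote marks."""
    fields = {}
    for line in text.splitlines():
        line = line.lstrip("> \t").rstrip()
        key, sep, value = line.partition(":")  # split on the first colon only
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields

def triage(fields):
    """Summarise a logon-failure event and name its NTSTATUS code."""
    status = int(fields.get("Status code", "0x0"), 16)
    sub = int(fields.get("Substatus code", "0x0"), 16)
    code = sub or status  # a non-zero substatus is the more specific reason
    return {
        "account": f'{fields.get("Domain", "?")}\\{fields.get("User Name", "?")}',
        "logon_type": LOGON_TYPES.get(int(fields.get("Logon Type", 0)), "Unknown"),
        "source": fields.get("Source Network Address", "?"),
        "status": f"0x{code:08X}",
        "status_name": NTSTATUS.get(code, "unknown"),
        "is_error": code >> 30 == 3,  # top two bits of an NTSTATUS = severity
    }

if __name__ == "__main__":
    print(triage(parse_event(SAMPLE)))
```

STATUS_AUTHENTICATION_FIREWALL_FAILED is the status Windows returns when an account from a trusted forest is not allowed to authenticate to the target machine, so the trust's authentication scope is the first thing to check.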


