Re: Integrated Authentication - one way cross forest trust
From: Carroll P. MacDonald (!0000_at_!00.000)
Date: 02/06/04
- Next message: sighs: "Sighs"
- Previous message: Carroll P. MacDonald: "Re: How to enable Directory Browsing in IIS"
- In reply to: mpriess: "Integrated Authentication - one way cross forest trust"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 6 Feb 2004 12:31:32 -0400
You must set the permissions in IIS (MMC) and on the folder you are
connecting to. You can specify specific users and where they are allowed to
log into or browse.
-- Thank you for your time and have a great day, Carroll P. MacDonald http://www.pegusisfreeware.com/ "mpriess" <mpriess@directalliance.com> wrote in message news:OkoD6RL7DHA.260@TK2MSFTNGP11.phx.gbl... > Hello everyone...here is my issue: > > When attempting to access a website on IIS6 we receive a dialog box to enter > username and password. If we enter a domain\username and password of an > account that is in the same forest that the web server is in...we are > authenticated fine and the web page comes up. > > However, if, from the same machine we enter in an account (prefixed with the > correct domain name) from the trusted domain (an account that is not in the > same forest as the web server...but does have permissions on the web site > and is in the trusted domain) we are unable to get past the authentication > pop up dialog box. > > Some other important info: > There is a one way trust in place. All other authentication to the trusting > domain is fine. So, this would lead me to believe it is specific to IIS. > Another web server has been brought up and we are receiving the same auth > issues. Sharepoint is running on this IIS server but the proper permission > have been given to the user we are attempting to authenticate with so we do > not believe this has anything to do with the problem. Also, the firewall > between both subnets is being monitored and no traffic related to the > authentication or web requests is being dropped. > > The security event log on the web server shows the following: (the domain > name has been changed here) > > Event Type: Failure Audit > Event Source: Security > Event Category: Logon/Logoff > Event ID: 537 > Date: 2/6/2004 > Time: 6:17:13 AM > User: NT AUTHORITY\SYSTEM > Computer: DAC-NMS > Description: > Logon Failure: > Reason: An error occurred during logon > User Name: mpriess > Domain: dom123 > Logon Type: 3 > Logon Process: NtLmSsp > Authentication Package: NTLM > Workstation Name: DAC3812 > Status code: 0xC0000413 > Substatus code: 0x0 > Caller User Name: - > Caller Domain: - > Caller Logon ID: - > Caller Process ID: - > Transited Services: - > Source Network Address: 172.31.7.55 > Source Port: 4200 > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > >
- Next message: sighs: "Sighs"
- Previous message: Carroll P. MacDonald: "Re: How to enable Directory Browsing in IIS"
- In reply to: mpriess: "Integrated Authentication - one way cross forest trust"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
