Re: Passthrough Authentication For Network Resources

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 07/21/04 

Date: Wed, 21 Jul 2004 00:10:34 -0700

Read this URL to understand what you are configuring:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/remstorg.mspx

You are not configuring Pass-through authentication if you set the UNC
Username/Password -- nor have you stated what authentication protocol is
used -- so it is not clear what you're trying to do.

Pass-through authentication means that the user who authenticates with the
web server is used to access remote resources, like UNC shares, from the web
server. On IIS5, this only works if you use Basic authentication or
Kerberos within an Active Directory. On IIS6, this works with Basic as well
as any authentication protocol on the web server if you use Active Directory
and Protocol-transitioning.

All this info, and more, is in the URL... so I suggest you read and
configure what you want. 

-- 
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Daric Smith" <Daric Smith@discussions.microsoft.com> wrote in message
news:3B3FABBD-B2D5-4F65-8C2B-4AEBC0968575@microsoft.com...
I have the following situation:
1. A user connects to the website.
2. The code allows me to view a directory structure and file list of a local
or remote folder.
3. Under the website, we created a virtual folder that (using a UNC path)
points to a network resource.  We have set the log-on credentials for that
of a domain user account (using 'domain\user'
The problem is, in IIS if you click on the virtual folder pointing to the
network share, it is like it doesn't know how to use the supplied
credentials in the 'connect as' box.  It just says could not log on to
request resource.  And if we try the website, the folder's are not listed
But, if we connect mannually (either through 'Start -> run -> UNC' or
through mapping,) then try the website, it works perfectly.  It seems as
though IIS is not using the supplied credentials.
Am I setting the log in credentials incorrectly?  Will IIS not connect to a
network share using domain credentials?  Is my web server authentication in
general screwed up?
Let me know if you have questions to clarify.  Thank you

Relevant Pages

  • Re: Login info over unsecure connection
    ... If you are trying to use unc to access a network share, ... challenge/response password challenge is still used for authentication and data is ... W2K/XP Pro computer [one connection limit] or possibly even an ipsec tunnel [not ...
    (microsoft.public.win2000.security)
  • Re: Strange password behavior with Linux
    ... Sounds like you are talking about having a vdir whose physical directory is ... If you configure the UNC Username/password for a vdir, ... authentication, where the authenticate user is used to access the UNC share. ... fileserver together with appropriate user/pass. ...
    (microsoft.public.inetserver.iis.security)
  • Re: shared folder access
    ... Did you use adsutil.vbs to delete the UNC parameters, or did you try to use ... >>account delegation from your physical server running IIS ... >>Your first option is to use Basic Authentication in IIS ... >>This will remove the UNC user token credentials ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: webdav + virtual directories
    ... Make sure to NEVER specify the UNC Username/password. ... Use a delegatable authentication scheme so that IIS can actually use the ... "I want iis to use the credentials supplied by the user at the time of login ...
    (microsoft.public.inetserver.iis)
  • Re: Log on locally fro basic authentication
    ... Yes I can establish a UNC when sharing permissions include users of the ... remote domain and the error I get is 401.1 Unauthorized: ... >> I'm starting with basic authentication (as not all users use Internet ...
    (microsoft.public.inetserver.iis.security)