Re: MOSS Authentication Mechanism

The spec for two PCs are the same:
- Windows XP Pro Service Pack 2
- Office XP Service Pack 3

We used the standard/default installation.

Andrey

"Anja" wrote:

Hi,
what os is installed on both workstations? The problem you described is
likely to appear on Vista and Office 2007 and there are some hotfixes from
MS to solve it.
I would rather suggest to check the browser security settings and adding the
sharepoint page to trusted sites.
Does A and B user has the same rights to the library? The problem appear in
one library or in more of them?

MOSS can use different authentication mechanism - depends on your
configuration, could be Anonymous, Kerberos, NTLM, Basic, Forms...

See some this links:
Configure Kerberos authentication (Office SharePoint Server)
http://technet.microsoft.com/en-us/library/cc263449(TechNet.10).aspx

Configuring Multiple Authentication Providers for SharePoint 2007
http://blogs.msdn.com/sharepoint/archive/2006/08/16/configuring-multiple-authentication-providers-for-sharepoint-2007.aspx

Anja



"Andrey" <andrey@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:077E0D56-DD1E-4AB3-B5AD-2F2BD9E91761@xxxxxxxxxxxxxxxx
During deployment MOSS 2007 for my clients, I found a strange scenario
with
Document Library:
1. User A logged in using his domain account to A's PC, and accessed one
of
the Word document in MOSS's document library. A is able to view it in
Word,
but Word showed that the document is read-only (although A has rights in
that
library).
2. User B is able to view and edit that particular document in B's PC
(logged in using her domain account). When using B's account on user A's
PC
("sign in as different user"), B encountered the same problem as A (view
document as read-only).
3. If A's PC is logged out of A's domain account and logged in using B's
domain account, the problem is gone. B is able to edit that particular
document (and so is A).
4. Then using the same session on A's PC (with B's account), user A did a
force log-in using A's account. And the problem is repeated (view as
read-only).

- A and B are on the same domain.
- A and B's PC have more or less same configuration.

I hope the description is clear enough to provide the complete picture.
It's
a must for me to explain why this happens, so really appreciate any helps.

My guess is this has to be related to MOSS's authentication mechanism with
NT and web-based. Anyway, I have two questions:
1. Does MOSS always invoke NT authentication when user access its sites?
2. And when the user doesn't log in as NT domain account, is web-based
authentication be used for authentication?
3. Will domain policies of A and B make difference in this case? I believe
it does but not sure about the explaination.

Thanks,
Andrey



.

Relevant Pages

  • Re: Cant make a domain user the "anonymous access" user
    ... When dealing with authentication issues it is VERY important to ... Some of the things you claim is not consistent with a default IIS ... If you use a browser that cannot do NTLM, by definition, a 401.2 error is ... user account that works and your domain account that does not. ...
    (microsoft.public.inetserver.iis.security)
  • Re: System.IO.Directoryinfo throwing exception
    ... With basic authentication and impersonation you need to ... use a domain account which can delegate and you can check how to mark your ... ASP.NET MVP ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Cant make a domain user the "anonymous access" user
    ... I have tried both with and without Integrated authentication enabled. ... I get a login prompt if I am using an NTLM-capable ... I can then authenticate using the domain account ... Pool containing this ASP page ...
    (microsoft.public.inetserver.iis.security)
  • Re: MOSS Authentication Mechanism
    ... Configure Kerberos authentication (Office SharePoint Server) ... User A logged in using his domain account to A's PC, ... A and B's PC have more or less same configuration. ...
    (microsoft.public.sharepoint.portalserver)
Loading