Login problems using Integrated Windows Authentication
We are using Win2k Server with IIS5.0. I have created a new website that I need to secure with AD Pass thru authentication for internal users only. If I go to the IIS Manager and click on the properties of the web site, under directory security Tab, anonymous access and authentication control, I have only "Integrated Windows Authentication" checked. I have all the NT security set for the groups on the actual folders. The problem I am experiencing is when an authorized user accesses the web site, it forces them to put in their login and password and domain instead of pulling it thru Kerberos. If they put in their login it lets them into the site. If they do not belong to the group it says access denied like it should. I have searched all I can find on Microsoft's site and have been unsuccessful. Can you give me any ideas to try?
There are a lot of variables to account for here. First, make sure both the server and the client are on the same intranet. Then, make sure there are no proxy servers between them. Also verify that clients are using the latest version of Internet Explorer. If all of these are in place, you should be able to use automatic Integrated Windows Authentication. If you still have problems, read the "Integrated Windows Authentication" section of this article: http://www.microsoft.com/technet/prodtechnol/cms/maintain/secauth.mspx
This was first published in May 2004