S
SpaceMarine
sorry for the near-dupe post (also in .security), but im desperately
trying to find an answer to this...
i am attempting to configure security for an intranet web application
in ASP.NET 2. it uses Windows authentication, retrieving roles from
our Active Directory. nothing too unusual.
what is unusual: it works for users that are VPN'ing into our network
from the outside (using cisco vpn), but DOESNT work for normal desktop
users in the office.
for both the browser (IE) pops up the windows login dialog. afterward
VPN users get in and i can see their name, check their
User.IsInRole("foo"), etc.. no problems. in-network users? cant
authenticate their credentials.. get this after 3 failed attempts:
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid
credentials.
Internet Information Services (IIS)
....any ideas why?
Windows Server 2003, virtual directory under default website. in
"Directory Security" tab in IIS i have:
- unchecked "Enable anonymous access"
- checked "Integrated Windows authentication"
....my web.config of course uses the Windows authenication mode.
this is maddening! thanks for any help
sm
trying to find an answer to this...
i am attempting to configure security for an intranet web application
in ASP.NET 2. it uses Windows authentication, retrieving roles from
our Active Directory. nothing too unusual.
what is unusual: it works for users that are VPN'ing into our network
from the outside (using cisco vpn), but DOESNT work for normal desktop
users in the office.
for both the browser (IE) pops up the windows login dialog. afterward
VPN users get in and i can see their name, check their
User.IsInRole("foo"), etc.. no problems. in-network users? cant
authenticate their credentials.. get this after 3 failed attempts:
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid
credentials.
Internet Information Services (IIS)
....any ideas why?
Windows Server 2003, virtual directory under default website. in
"Directory Security" tab in IIS i have:
- unchecked "Enable anonymous access"
- checked "Integrated Windows authentication"
....my web.config of course uses the Windows authenication mode.
this is maddening! thanks for any help
sm