|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
August 27th, 2007, 03:56 PM
|
|||
|
|||
Guest access and Integrated Windows Authenication (cake and eating it too)
Howdy all -
So I'm trying to figure out how to allow guests on our intranet even though we have it set up to detect who you are on the network using Windows Integrated Authentication. Right now IIS is set up as follows: In the "Dir Security" tab > "Authentication and.." button "Enable anon access" is un-checked "Integrated Windows Authenication" is checked. However if you try to get to the intranet and are not a user in the Active Directory domain, you get the login prompt for the server. I've turned "Enable anon access" back to checked, this results in "Integrated WindowsAuthenication" not being used at all and the cgi.AUTH_USER variable being null. So... do anyone know how to allow guests and have "Integrated Windows Authenication"? I've done quite a bit of digging around so I'm guessing not. In closing I'm wondering if there is any kind of IIS (?) scripting/programming that can be done to allow this? Otherwise, maybe get the logged in user from the browser without having "Integrated Windows Authenication" turned on in the web server? {update} So I found: support.microsoft.com/kb/324274/ It say's: IMPORTANT: If you turn on anonymous access, IIS always tries to authenticate users by using anonymous authentication first, even if you turn on additional authentication methods. so the question is can you get IIS to do IWA first, then default to anonymous if IWA fails. {end update} Thanks for your thoughts and comments. Brent Last edited by brentnicholas : August 27th, 2007 at 05:32 PM. Reason: new info
|
|
#2
August 27th, 2007, 07:05 PM
|
|||
|
|||
|
I don't know the answer to your question, sorry, but thanks for the KB link.
Some asp apps use windows wmi objects to determine the windows user when IIS is set to anonymous access, but I don't know of any way in classic asp to get IIS to subsequently impersonate a different user account. You may be able to do so with asp.NET, I don't know.
__________________
====== Doug G ====== I didn't attend the funeral, but I sent a nice letter saying I approved of it. --Mark Twain
|
|
#3
August 27th, 2007, 07:16 PM
|
|||
|
|||
|
Quote:
Doug, Thanks. I'll check into wmi objects and see how they work. Possibly there's a .Net solution to pass the cgi. var to ColdFusion. I'm currently looking into if I can pull cgi.AUTH_USER from the bowser without doing authentication on the server, just get that user logged into the machine via IE.
|
|
#4
August 27th, 2007, 11:25 PM
|
|||
|
|||
|
If you're using asp, there are some applications like some forums and cms apps that have integrated code to use windows logon information when the web server doesn't provide it. You may want to browse around download sites like www.aspin.com and see if you spot any app you could download and review the code they use.
|
|
| Viewing: Dev Shed Forums > System Administration > IIS > Guest access and Integrated Windows Authenication (cake and eating it too) |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
