URL Authentication IIS 6.0

URL Authentication IIS 6.0

Post by r.oosterho » Thu, 19 Oct 2006 23:43:30


I need to authenticate users agains an Active Directory (or rather
ADAM)...

I've red about a new feature in IIS 6.0: URL Authentication and I did
manage to set-up a situation where users are authenticated by use of
LDAP query: (&(objectCategory=user)(CN=*)))

But, now comes the stange part, only users logged-in on the server
where IIS is configured are authenticated correctly.
For example:
IIS/URL Authentication is configured at server Server1 to protect
virtual directory /URLTest.
When user 'admin' is logged in Server1, he is able to go to
http://localhost/URLTest
When user 'test' is logged in Server1, he is also able to go to the url
above,

When users 'admin' or 'test' are logged-in on another server, they are
not able to navigate to Server1/URLTest because they cannot be
authenticated...

What is wrong?
 
 
 

URL Authentication IIS 6.0

Post by Marcelo Vi » Sat, 28 Oct 2006 22:14:59

Are the servers part of the same domain? If they don't that is the problem,
admin and/or guest in server1 cannot be authenticated in server2 because
they are different systems or security scope.

Marcelo V.

 
 
 

URL Authentication IIS 6.0

Post by r.oosterho » Wed, 15 Nov 2006 18:16:24

Thanks for your reply.
The servers are indeed part of the same domain...
So this can not be the problem...

Rick O.

Marcelo Villal schreef:
 
 
 

URL Authentication IIS 6.0

Post by David Wan » Thu, 16 Nov 2006 07:09:46

The problem is that "URL Authentication" does not exist.

The feature is actually called "URL Authorization". Authorization (i.e.
what can a user do?) is totally different than Authentication (i.e.
what user are you?)

"URL Authorization" takes effect AFTER Authentication completes, since
you need to know WHO the user is before trying to determine WHAT the
user is authorized to do.

Since you say you cannot authenticate to this server when logged into a
remote machine, what you configured for "URL Authorization" is not
involved at all.

Your problem has to do with why those users cannot authenticate from a
remote machine. The best way is to look at the IIS web log entries for
these remote access attempts to see what is wrong.

http://www.yqcomputer.com/



//David
http://www.yqcomputer.com/
http://www.yqcomputer.com/
//
 
 
 

URL Authentication IIS 6.0

Post by r.oosterho » Tue, 21 Nov 2006 16:50:28

David, thanks a lot!

That finally helped me. Now I know I need another solution for my
Authentication (which I was really looking for; thus not
Authorization)...

Thanks again,
Rick O.

David Wang schreef: