IIS Security strange things

03-01-2004

I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).

Website uses an Integrated Windows Authentication as Authentication method
in IIS and has following security configuration in the web.config

------------------------------------------
<identity impersonate="false" />

<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>

<customErrors defaultRedirect="CustomError.aspx" mode="Off">
<error statusCode="401" redirect="Custom401.html"/>
</customErrors>
------------------------------------------

And everything goes fine for 99.9% users and not for one only, who always
get a popup login window to login this website.
He has WinXP box, with latest browser, like many others, but for any reason
website cannot recognize that user as a valid internal user.

Any ideas? Thank you

03-01-2004

Hi ,
In IE open Options -> select Security
Select Custom LEVEL -> User Authentication
Check if the user has checked Prompt for user name and password.
If its marked make it to auttomatic login only in intranet zone.
Arvind
"Alexey Smirnov" <> wrote in message
news:OSktyX5$...
> I have intranet application based on ASP.NET on Win2000AS (Framework 1.1).
>
> Website uses an Integrated Windows Authentication as Authentication method
> in IIS and has following security configuration in the web.config
>
> ------------------------------------------
> <identity impersonate="false" />
>
> <authentication mode="Windows" />
> <authorization>
> <deny users="?" />
> </authorization>
>
> <customErrors defaultRedirect="CustomError.aspx" mode="Off">
> <error statusCode="401" redirect="Custom401.html"/>
> </customErrors>
> ------------------------------------------
>
> And everything goes fine for 99.9% users and not for one only, who always
> get a popup login window to login this website.
> He has WinXP box, with latest browser, like many others, but for any
reason
> website cannot recognize that user as a valid internal user.
>
> Any ideas? Thank you
>
>

03-01-2004

Hi, Arvind

yes, he has the default level (medium low) for the intranet zone
and in addition that site inserted in Local Intranet Site List
(Security - Sites - Advanced...)

Alexey

"Arvind P Rangan" <> wrote in message
news:%23vNeUd5$...
> Hi ,
> In IE open Options -> select Security
> Select Custom LEVEL -> User Authentication
> Check if the user has checked Prompt for user name and password.
> If its marked make it to auttomatic login only in intranet zone.
> Arvind
> "Alexey Smirnov" <> wrote in message
> news:OSktyX5$...
> > I have intranet application based on ASP.NET on Win2000AS (Framework
1.1).
> >
> > Website uses an Integrated Windows Authentication as Authentication
method
> > in IIS and has following security configuration in the web.config
> >
> > ------------------------------------------
> > <identity impersonate="false" />
> >
> > <authentication mode="Windows" />
> > <authorization>
> > <deny users="?" />
> > </authorization>
> >
> > <customErrors defaultRedirect="CustomError.aspx" mode="Off">
> > <error statusCode="401" redirect="Custom401.html"/>
> > </customErrors>
> > ------------------------------------------
> >
> > And everything goes fine for 99.9% users and not for one only, who
always
> > get a popup login window to login this website.
> > He has WinXP box, with latest browser, like many others, but for any
> reason
> > website cannot recognize that user as a valid internal user.
> >
> > Any ideas? Thank you
> >
> >
>
>

03-03-2004

Alexey,
Click on Custom Level
and in that See what is selected for User Authentication.
Arvind
"Alexey Smirnov" <> wrote in message
news:%23Iydfq5$...
> Hi, Arvind
>
> yes, he has the default level (medium low) for the intranet zone
> and in addition that site inserted in Local Intranet Site List
> (Security - Sites - Advanced...)
>
> Alexey
>
>
> "Arvind P Rangan" <> wrote in message
> news:%23vNeUd5$...
> > Hi ,
> > In IE open Options -> select Security
> > Select Custom LEVEL -> User Authentication
> > Check if the user has checked Prompt for user name and password.
> > If its marked make it to auttomatic login only in intranet zone.
> > Arvind
> > "Alexey Smirnov" <> wrote in message
> > news:OSktyX5$...
> > > I have intranet application based on ASP.NET on Win2000AS (Framework
> 1.1).
> > >
> > > Website uses an Integrated Windows Authentication as Authentication
> method
> > > in IIS and has following security configuration in the web.config
> > >
> > > ------------------------------------------
> > > <identity impersonate="false" />
> > >
> > > <authentication mode="Windows" />
> > > <authorization>
> > > <deny users="?" />
> > > </authorization>
> > >
> > > <customErrors defaultRedirect="CustomError.aspx" mode="Off">
> > > <error statusCode="401" redirect="Custom401.html"/>
> > > </customErrors>
> > > ------------------------------------------
> > >
> > > And everything goes fine for 99.9% users and not for one only, who
> always
> > > get a popup login window to login this website.
> > > He has WinXP box, with latest browser, like many others, but for any
> > reason
> > > website cannot recognize that user as a valid internal user.
> > >
> > > Any ideas? Thank you
> > >
> > >
> >
> >
>
>

03-03-2004

User Authentication
Logon
Automatic logon only in Intranet zone

-----------------
Any ideas?

Alexey

"Arvind P Rangan" <> wrote in message
news:uwNu$...
> Alexey,
> Click on Custom Level
> and in that See what is selected for User Authentication.
> Arvind
> "Alexey Smirnov" <> wrote in message
> news:%23Iydfq5$...
> > Hi, Arvind
> >
> > yes, he has the default level (medium low) for the intranet zone
> > and in addition that site inserted in Local Intranet Site List
> > (Security - Sites - Advanced...)
> >
> > Alexey
> >
> >
> > "Arvind P Rangan" <> wrote in message
> > news:%23vNeUd5$...
> > > Hi ,
> > > In IE open Options -> select Security
> > > Select Custom LEVEL -> User Authentication
> > > Check if the user has checked Prompt for user name and password.
> > > If its marked make it to auttomatic login only in intranet zone.
> > > Arvind
> > > "Alexey Smirnov" <> wrote in message
> > > news:OSktyX5$...
> > > > I have intranet application based on ASP.NET on Win2000AS (Framework
> > 1.1).
> > > >
> > > > Website uses an Integrated Windows Authentication as Authentication
> > method
> > > > in IIS and has following security configuration in the web.config
> > > >
> > > > ------------------------------------------
> > > > <identity impersonate="false" />
> > > >
> > > > <authentication mode="Windows" />
> > > > <authorization>
> > > > <deny users="?" />
> > > > </authorization>
> > > >
> > > > <customErrors defaultRedirect="CustomError.aspx" mode="Off">
> > > > <error statusCode="401" redirect="Custom401.html"/>
> > > > </customErrors>
> > > > ------------------------------------------
> > > >
> > > > And everything goes fine for 99.9% users and not for one only, who
> > always
> > > > get a popup login window to login this website.
> > > > He has WinXP box, with latest browser, like many others, but for any
> > > reason
> > > > website cannot recognize that user as a valid internal user.
> > > >
> > > > Any ideas? Thank you
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
vs2005 publish website doing bad things, bad things	=?Utf-8?B?V2lsbGlhbSBTdWxsaXZhbg==?=	ASP .Net	1	10-25-2006 06:18 PM
ASP.NET does strange things	=?Utf-8?B?R2FyeQ==?=	ASP .Net	6	05-05-2005 11:20 AM
Validating SAX parser still reads whitespace/does strange things.	badgerduke@gmail.com	Java	1	01-07-2005 04:32 PM
IIS Security strange things	Alexey Smirnov	ASP .Net	4	03-03-2004 07:48 AM
OT: strange things that people search for	Toby A Inkster	HTML	10	02-09-2004 10:17 PM