I have setup a test enviorment on server and there are few websites running on IIS.
Website security settings are set to 'integrated windows authentication' and anonymous access is unchecked.
When i access the website with the server name then it works fine but if i use an ip address instead then system prompting username password window.
Why system is prompting username password window?
How can i access a site with ip address and server name?
Assuming that you are using Internet explorer, when there is a period in the URL it thinks that its an external address and will not pass on the credentials. So an IP address such as '10.1.1.1' will be treated as an external address, and as for an address like 'myhost' it thinks its an internal address and pass on credentials
Have a look at this KB:
http://support.microsoft.com/kb/258063
http://msdn.microsoft.com/en-us/library/bb250483(VS.85).aspx
Related
I currently allow access to a service on a Windows Server as follows:
http://<server_ip>:<port_number>
When the user enters this in the browser it takes them to a UI on the Windows Server
Note: the user machine are on a DHCP Server so ip addresses can change.
How can i restrict access only to certain users ?
Is there a way i can force them to enter a name or secret as a querystring parameter and resolve on the Server side ?
I'm currently building a system where users can list Word and Excel files in an ASP.net webapp and click on files to edit which will open them up in Office from an IIS WebDAV server and allow the users to edit the files.
I have all of this working with Windows Authentication enabled and using the server's hostname to address the file on the WebDAV server:
ms-word:ofe|u|http://hostname/webdav/myfile.docx
However the client has a subdomain (resolved by internal dns on their network) and ssl cert they want to use for the site. When I address the file with this domain name:
ms-word:ofe|u|https://portal.domainname.com/webdav/myfile.docx
I get a windows authentication prompt when opening it in Word that will not accept my domain credentials.
If I switch the WebDAV server to Basic Authentication and set the domain Word will prompt for authentication and will accept my domain credentials, but it will prompt on every file I open.
Is there a way to address the file using this internal subdomain name that will open the files without prompting the user for authentication?
This will only be accessible on their internal network so I'm open to considering any authentication scheme that would achieve this goal.
Because of security reasons the client will not send credentials to hosts that are not recognized as local intranet.
When using a (sub)domain instead of a hostname every client has to add the (sub)domain to it's intranet zone:
Internet options > security > Local intranet > Websites > Advanced > Add.
This can also be done by using a Group Policy or setting a registry key.
HKEY_CURRENT_USER\software\microsoft\windows\current version\internet settings\zonemap\domains\[domain]\[subdomain (optional)]
DWORD name: http of https value: 1
Normally when I want to connect through ftp, everything is provided such as the ftp name and username and password by my hosting service. But now I don't have all these details about a local server in my company office because the server is actually not hosting any sites. It's just a server where documents are stored.
But I need a way to connect to this server through my web application.
All I know are:
It is possible to connect through remote desktop to that server
There is an ip address for that server ( The server machine is in my company office)
I have a username and password that allows me to access network drive on that server (I can do this only by directly plugging the cat5 cable to my laptop)
When I configure my outlook email using microsoft exchange server, this is how my settings look like (example.net.au is just for example sake):
Server: server1.example.net.au
User name: jack#example.net.au
Does the ftp detail exist for this server? How do I find out?
I have a site http://www.example.com, the cPanel of which I access via the url/cPanel.
However, it is not accessible from the systems in my college as the access to the port through which it connects, something like 2082, is disallowed.
Is there any alternative to that, such as using WinSCP? Also, I only have the domain, not its IP address. I also have the username and password, that I use for accessing the cPanel.
You can install WinSCP and transfer the files. To do so download and install WinSCP. Once it has been installed open it and select files protocol as FTP and in Hostname enter your IP address, same with Username and Password. Now click on Login option. Once you are in you will be able to transfer files.
You can as well go though quick guide at : http://winscp.net/eng/docs/getting_started
I have an an intranet website running under IIS6 (under a specific port, not the default one) with a integrated windows authentication enabled and uses an application pool configured with a service account. the issue is, if I access the website using the server name with a fully qualified domain in the URL, it throws a login prompt (doesn't work even if enter my windows login credentials), but if I use the IP address of the server then it works fine. Please let me know what I need to do to get the URL with server name working.
for example http://servername:8080/default.aspx throws login prompt, but http://ip address:8080/default.aspx works fine
I am experiencing the same problem. I believe it is something to do with Kerberos authentication mechanism. If it resorts to NTLM it will work (which it does when using an IP address). Kerberos requires an SPN registered on Active Directory for it to work. Kerberos also won't allow you to have application pools running under different accounts but with the same server name. In these situations you should have an alternate name for the site and register that with Kerberos. However, I haven't actually resolved the issue yet so these are just suggestions.
Two possible problems come to my mind:
The DNS server in your network is not resolving servername to an IP
Run Ping servername from the command line to check if the name brings the IP expected
edit the C:\Windows\System32\drivers\etc\hosts file and add the server name and IP address
The Bindings in IIS6 does not expect servername
Make sure that servername is included in the list or the Host Header Name field is empty
I had exactly these symptoms when the web server had its IP address changed due to a new internal IP addressing scheme. Pass through authentication worked from the webserver itself but not from any other system. From other systems, using the host name in the URL caused IE to prompt for credentials which were always rejected, using the IP address in the URL caused IE to prompt for credentials which were accepted. After chasing a lot of red herrings we suspected that the server was caching credentials against the old IP address, so we rebooted the server and it all came right.
Try this. I had exactly same problem and it fixed it for me (I'm the linked thread)
I set my AuthenticationProvider for my website to "NTLM, Negotiate"
Following these instructions:
http://support.microsoft.com/kb/215383
With a slight change to their instruction to set provider of course
mine:
cscript adsutil.vbs set w3svc/WebSite/root/NTAuthenticationProviders "**NTLM, Negotiate**"
You can get the Website ID by clicking on the "Web Sites" folder on the left in IIS. This should list all your website with their ID
Thanks to Nick's answer that lead me to it