Windows server 2003 login

Dark_Angel

Dark_Angel

Dark_Angel

Soldato
Joined
12 May 2005
Posts
12,631
Hey,

While this may have a few elements of web based development, I am pretty sure the major problems are windows permission based - hence why I placed it in this forum :)

This may be a little complex to explain, so if something isn't completely clear please let me know so I can try to clarify for you.

We have a dedicated server in the US which we are renting, the idea is to serve a program to users across the world - the program uses IIS / an internet browser to do this.

We are trying to use the tickbox "Integrated windows authentication" to secure the directories, but there are 2 issues:

Problem 1 We (as mentioned) want to have the program secured using windows logon prompt, so not just anyone can access it. Problem is that if we put in the ip:8080\program (if this was the ip URL it would look like 44.44.44.44:8080\app) :8080 specifying obviously to use that port, then there is NO logon prompt what so ever. Indeed, it just leads you to full access of the program.

Problem 2 When accessing it without specifying port 8080 (therefore just having the browser use port 80 I would assume) so the url is (example) 44.44.44.44\app then the windows login prompt appears. BUT for some reason no matter what username and password I enter (including the admin one!) it tells me that I am not authorized to access this page.

Does anyone have an clues ?

Thanks in advanced.
 
Going to start -> run -> cmd -> systeminfo

It tells me:

Host name: PASS
Domain: Workgroup
Logon Server: \\PASS

Tried typing in pass\administrator and the password, and still telling me the same thing. :(
 
From my recolection, integrated AD authentication is primarily used for clients within the server's domain, remote users are generally granted access via VPN. Are you sure this is the type of authentication you want?

If the servername\username doesn't work, try domain\username.

Burnsy
 
Dark_Angel said:
Going to start -> run -> cmd -> systeminfo

It tells me:

Host name: PASS
Domain: Workgroup
Logon Server: \\PASS

Tried typing in pass\administrator and the password, and still telling me the same thing. :(
Click to expand...

Do you have AD installed? If it's saying "domain: workgroup" then it looks doubtful.

Burnsy
 
No AD is not setup :/

Start -> run -> dcpromo to start the setup.

It is telling me that (under domain controller type)

"Domain controller for a new domain"

or

"Additional domain controller for an existing domain"

Ideally I do not want to nuke the settings I have for IIS at the moment, since obviously the program itself is now in a start of working.

WOuld doing the active directories setup damage this (I would chose a new comain controller ?).

I am not really so great with active directory, but I work at a smaller company so I usualy handle most of the IT stuff /puts learning cap on.
 
As well as setting up AD at the server you would also need to make any clients part of that AD also for Integrated Authentication to work.

Almost certainly this is NOT what you should be doing.

Integrated Authentication is normally used in a LAN Intranet environment or at worst when communicating with other machines in your AD domain.

You will need to use one of the other forms of IIS authentication.
 
Can you recommend something that would do the trick ?

Something like a PHP login script would have been ideal, but because the program is stand alone, this won't work :/

As mentioned I am not too great in the area of things, but at least if I know the direction to go I can research it/get help from my webhosts or something :)
 
The simplest method is to use Basic Authentication and have the users setup as Local Users on web server.

Depending on how you offer the authentication this could lead to passing credentials in clear text and lead to a lot of uer maintenance on your part.

It might be a better idea to repost this in the Web section and see if someone who has experience with Window web hosting could offer some pointers.

I'm afraid my only experience of it comes more from the windows admin side of things with Exchange and other products - I'm no web admin.
 
You must log in or register to reply here.
Back
Top Bottom