Uncategorized

Integrated Authentication does not work with domain name

This is an easy one, but we got cases like this every now and then… maybe worth repeating.

If you use Windows Integrated Authentication in IIS, everything works fine if you browse “http://netbiosname”, but Integrated Authentication fails is you browse “http://dnsname”. Why?

Because if the DNS machine name contains a dot (“.”), the web site automatically belongs to the “Internet” zone, and by default IE does not sent the account credentials.

How to solve this? Easy, you have two options:

    1. Add the URL to the “Trusted Sites” in Internet Explorer
    2. Modify the security parameter to allow “Automatic logon with current user name and password” (Control Panel -> Internet Options -> Security tab -> Internet -> Custom level…)

Update:
By the way, I forgot to mention that this is also true if you use the IP address instead of the netbios name: e.g. http://xxx.xxx.xxx.xxx

Cheers

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.