B
bubba1984
Hi,
We have an issue with IIS handing authentication request for another forest when they try to access a virtual directory. They are able to access the folders directly on the file server.
We currently have a two way AD external trust with the other company between forest A and forest B. We have a member server that runs an IIS application that has virtual directories that are hosted on a different member server. The member servers are hosted in forest B domain. users who are in forest/domain B are able to access the IIS web application and are able to access the virtual directories as well that are hosted on another member server. IIS is setup to use AD authentication.
When users in forest/domain A connect to the IIS web application, it is successful, but as soon as they try to access the virtual directory it prompts them for a username and password. If they try to enter in the credentials, nothing happens except it is asking for username and password. They are putting in the domain name for domainA\username.
If we move the virtual directory and small files over to the IIS server and then change the virtual directory to point to it the people in forest/domain A are able to access it no issues. The issue seems to be that when the people in forest/domainA can access IIS but when they try to access the virtual directories that are hosted on another member server, it prompts them for username and password. It is like IIS is not passing their credentials through for them where if it is people on the same domain as those member servers, everything works fine.
If users from forest/domainA try to access the file share for those folders it works as well so we know it is nothing to do with folder permissions.
Windows server OS is windows server 2008R2
Continue reading...
We have an issue with IIS handing authentication request for another forest when they try to access a virtual directory. They are able to access the folders directly on the file server.
We currently have a two way AD external trust with the other company between forest A and forest B. We have a member server that runs an IIS application that has virtual directories that are hosted on a different member server. The member servers are hosted in forest B domain. users who are in forest/domain B are able to access the IIS web application and are able to access the virtual directories as well that are hosted on another member server. IIS is setup to use AD authentication.
When users in forest/domain A connect to the IIS web application, it is successful, but as soon as they try to access the virtual directory it prompts them for a username and password. If they try to enter in the credentials, nothing happens except it is asking for username and password. They are putting in the domain name for domainA\username.
If we move the virtual directory and small files over to the IIS server and then change the virtual directory to point to it the people in forest/domain A are able to access it no issues. The issue seems to be that when the people in forest/domainA can access IIS but when they try to access the virtual directories that are hosted on another member server, it prompts them for username and password. It is like IIS is not passing their credentials through for them where if it is people on the same domain as those member servers, everything works fine.
If users from forest/domainA try to access the file share for those folders it works as well so we know it is nothing to do with folder permissions.
Windows server OS is windows server 2008R2
Continue reading...