David
Wed Jun 28 22:01:55 CDT 2006
Network routing differences based purely on the site name can disrupt/break
authentication protocols.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Limbo" <limbo2u@surffast.com> wrote in message
news:%23IkiGJymGHA.1204@TK2MSFTNGP04.phx.gbl...
> Not planning on using the DC for web browsing, this was just something I
> noticed when testing our intranet site on the DC, and was keen to get an
> explanation.
>
> The browser configs are identical, only difference I can think of is that
> the desktops get internet access using MS Firewall Client 2004 but the DC
> uses the SecureNAT client. Could this be the issue?
>
> "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> news:%23i$gfpxmGHA.3588@TK2MSFTNGP04.phx.gbl...
>> Is there any particular reason that you want to web-browse on the Domain
>> Controller, with the Domain Admin no-less? Very risky behavior...
>>
>> Are you sure that the web browser is not locked down differently between
>> the Domain Controller and Member machine?
>>
>> --
>> //David
>> IIS
>>
http://blogs.msdn.com/David.Wang
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>> //
>>
>> "Limbo" <limbo2u@surffast.com> wrote in message
>> news:%23Tiy%23QtmGHA.4700@TK2MSFTNGP03.phx.gbl...
>>> When logged on to our DC/IIS6 machine as a domain admin, integrated
>>> authentication only works if we access our intranet site using the
>>> NetBIOS name. If we try to access it using the FQDN we get a prompt for
>>> username/password.
>>>
>>> On the desktop machines we can access it using either address and the
>>> authentication always works fine.
>>>
>>> Anyone else experienced this or know what the problem is?
>>>
>>
>>
>
>