401 with integrated security and host file entry

TheMSsForum.com: The Microsoft Software Forum

I am using IIS 5.1.
I have only integrated windows authentication checked on my work
station on the security tab in IIS.
I have a host file entry similiar to 127.0.0.1 testing.mycompany.com

Under the above scenario, I can access a page without a problem if I go
to http://localhost/mytest/hello.html

However, if I go to http://testing.mycompany.com/mytest/hello.html, I
get a challenge response. Then, even entering my network credentials
will not get me past this 401.

If I turn anonymous access on, I will not get the challenge
response(Although this is not an option for me)

I will get the same challenge if instead of using 127.0.0.1, I use the
ip address as given when issuing an ipconfig command.

I've checked ACLS and everyone has read, read & execute, and List
Folder Contents.

Does anyone have any ideas as to how I can get around this? I need to
be able to have only integrated windows authentication along with host
header that is not localhost. (Cookie related issue where I need a
domain)

Thank you in advance for your help.
Top

Re: 401 with integrated security and host file entry by Walter

Walter
Thu Jun 01 04:28:34 CDT 2006

Hello

if u try to call your site with
http:\\127.0.0.1\blabla or with
http:\\testing.mycompany.com should bring the password challenge.

reason: if zoy have more than 1 dot in the domainname, IE suggest that u
will connect to the internet. Therefore u have to enter your credentials,
but they are failing because integrated auth. not works over the internet.

solution: add your IP or FQDN in IE to the trusted sites.

regards
Walter


<nsyforce@aol.com> wrote in message
news:1149105035.095554.126220@i39g2000cwa.googlegroups.com...
>I am using IIS 5.1.
> I have only integrated windows authentication checked on my work
> station on the security tab in IIS.
> I have a host file entry similiar to 127.0.0.1 testing.mycompany.com
>
> Under the above scenario, I can access a page without a problem if I go
> to http://localhost/mytest/hello.html
>
> However, if I go to http://testing.mycompany.com/mytest/hello.html, I
> get a challenge response. Then, even entering my network credentials
> will not get me past this 401.
>
> If I turn anonymous access on, I will not get the challenge
> response(Although this is not an option for me)
>
> I will get the same challenge if instead of using 127.0.0.1, I use the
> ip address as given when issuing an ipconfig command.
>
> I've checked ACLS and everyone has read, read & execute, and List
> Folder Contents.
>
> Does anyone have any ideas as to how I can get around this? I need to
> be able to have only integrated windows authentication along with host
> header that is not localhost. (Cookie related issue where I need a
> domain)
>
> Thank you in advance for your help.
>


Top

Re: 401 with integrated security and host file entry by nsyforce

nsyforce
Thu Jun 01 11:42:18 CDT 2006

Thanks, Walter.
I tried this an unfortunately had the same problem. Does anyone have
any thoughts on what I may also need to do?

Top

Re: 401 with integrated security and host file entry by Ken

Ken
Thu Jun 01 23:14:11 CDT 2006

Walter is incorrect that Integrated Windows Authentication doesn't work in
the Internet security zone. IWA typically doesn't work *across the
internet*, not because the site is in the Internet security zone. You can
read more about this here:
http://www.microsoft.com/technet/community/columns/insider/iisi0306.mspx

When you are authenticating, are you using a local account? Or domain
account? If the local account, are you use you are using
Machinename\Username, not just "Username" for your username?

Cheers
Ken

<nsyforce@aol.com> wrote in message
news:1149180138.202755.213310@g10g2000cwb.googlegroups.com...
> Thanks, Walter.
> I tried this an unfortunately had the same problem. Does anyone have
> any thoughts on what I may also need to do?
>


Top

Re: 401 with integrated security and host file entry by nsyforce

nsyforce
Fri Jun 02 08:03:43 CDT 2006

Ken, thank you for your response.
I am using my domain credentials. I expect to not get prompted and
have them authorize successfully. However, when prompted I've tried
entering an id both as DOMAIN\ID and ID along with the password used to
log on to the domain. Both are unsuccessful.

Considering Walters earlier response on multiple nodes, I tried
something else. I entered a host file for my ip address for 'mybox'.

So when I go to http://mybox/test/hello.html I get prompted for
credentials.
When I go to http://localhost/test/hello.html I work fine.

Thanks in advance for any help. Also thanks for the link you provided
earlier.

Top