Intranet/Internet Site Permissions

I guess, just trying to make my intranet available to the internet but
require ntfs login from internet and no login from intranet. Here is what I
did, I assign log on locally rights to my domain users, then I removed
anonymous access to the site. I added read access to the folder that
contains the webpages. Next I setup DNS record on my dns server to point to
files.domain.com and pointed to my IIS server IP address. Now, when I'm
outside and surf it prompts for username/password BUT does the same when
surfing from inside. At first I thought it was a DNS issue but when I do
nslookup or ping files.domain.com I get the ip of the IIS server. What is
kicking off the login prompt locally? I'm stumped.

Thanks

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:uobrXCJEFHA.2756@TK2MSFTNGP15.phx.gbl...
 > "B-Dog" <bdog4.DeleteThis@hotmail.com> wrote in message
 > news:#ExvhBIEFHA.4072@TK2MSFTNGP10.phx.gbl...
  >> I'm trying to make my intranet site available through the internet using
  >> ntfs permissions. I want my local users to be able to have access to the
  >> intranet without having to log in and from the internet would require
  >> ntfs
  >> login. I've removed anonymous access and change the folder permissions
  >> to
  >> users on our domain but when they access it, it prompts for username and
  >> password. Do I need to add that user group to the log on locally or what
 > am
  >> I missing?
 >
 > Basic authentication requires log on locally rights. Is that what you're
 > asking?
 >
 ><!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Intranet/Internet Site Permissions 

Hi,

Internet Explorer might consider files.domain.com to be in the Internet
Zone. If it does, it will not automatically log on.

If this is true, then the solution would be to move your website to the
Intranet Zone.

Please also see:

"Internet Explorer May Prompt You for a Password"
<a style='text-decoration: underline;' href="http://support.microsoft.com/?id=258063" target="_blank">http://support.microsoft.com/?id=258063</a>

--
Regards,
Kristofer Gafvert
<a style='text-decoration: underline;' href="http://www.gafvert.info" target="_blank">www.gafvert.info</a> - My Articles and help
<a style='text-decoration: underline;' href="http://www.ilopia.com" target="_blank">www.ilopia.com</a>


B-Dog wrote:

 > I guess, just trying to make my intranet available to the internet but
 > require ntfs login from internet and no login from intranet. Here is
what I
 > did, I assign log on locally rights to my domain users, then I removed
 > anonymous access to the site. I added read access to the folder that
 > contains the webpages. Next I setup DNS record on my dns server to
point to
 > files.domain.com and pointed to my IIS server IP address. Now, when I'm
 > outside and surf it prompts for username/password BUT does the same when
 > surfing from inside. At first I thought it was a DNS issue but when I do
 > nslookup or ping files.domain.com I get the ip of the IIS server. What
is
 > kicking off the login prompt locally? I'm stumped.
 >
 > Thanks
 >
 > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
 > news:uobrXCJEFHA.2756@TK2MSFTNGP15.phx.gbl...
  > > "B-Dog" <bdog4.TakeThisOut@hotmail.com> wrote in message
  > > news:#ExvhBIEFHA.4072@TK2MSFTNGP10.phx.gbl...
   > >> I'm trying to make my intranet site available through the internet
using
   > >> ntfs permissions. I want my local users to be able to have access to
the
   > >> intranet without having to log in and from the internet would require
   > >> ntfs
   > >> login. I've removed anonymous access and change the folder
permissions
   > >> to
   > >> users on our domain but when they access it, it prompts for username
and
   > >> password. Do I need to add that user group to the log on locally or
what
  > > am
   > >> I missing?
  > >
  > > Basic authentication requires log on locally rights. Is that what
you're
  > > asking?
  > >
  > ><!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Intranet/Internet Site Permissions 

On Fri, 11 Feb 2005 15:25:23 -0600, "B-Dog" <bdog4.TakeThisOut@hotmail.com> wrote:

 >I'm trying to make my intranet site available through the internet using
 >ntfs permissions. I want my local users to be able to have access to the
 >intranet without having to log in and from the internet would require ntfs
 >login. I've removed anonymous access and change the folder permissions to
 >users on our domain but when they access it, it prompts for username and
 >password. Do I need to add that user group to the log on locally or what am
 >I missing?

Make sure the intranet site is in Internet Explorer's Intranet Zone
for securtiy, otherwise it won't pass credentials. Use Windows
Integrated as your authorization.

Jeff<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Intranet/Internet Site Permissions 

Well that works but I thought it would try and authenticate first before
prompting. If I go straight to http:\\machinename it doesn't prompt but if
I go to http:\\files.domain.com it prompts, both the same IP but I guess it
thinks that the latter is outside of our local site. Thanks


"Kristofer Gafvert" <kgafvert.DeleteThis@NEWSilopia.com> wrote in message
news:xn0dyf9qk48wqut002@news.microsoft.com...
 > Hi,
 >
 > Internet Explorer might consider files.domain.com to be in the Internet
 > Zone. If it does, it will not automatically log on.
 >
 > If this is true, then the solution would be to move your website to the
 > Intranet Zone.
 >
 > Please also see:
 >
 > "Internet Explorer May Prompt You for a Password"
<font color=purple> > <a style='text-decoration: underline;' href="http://support.microsoft.com/?id=258063</font" target="_blank">http://support.microsoft.com/?id=258063</font</a>>
 >
 > --
 > Regards,
 > Kristofer Gafvert
 > <a style='text-decoration: underline;' href="http://www.gafvert.info" target="_blank">www.gafvert.info</a> - My Articles and help
<font color=purple> > <a style='text-decoration: underline;' href="http://www.ilopia.com</font" target="_blank">www.ilopia.com</font</a>>
 >
 >
 > B-Dog wrote:
 >
  > > I guess, just trying to make my intranet available to the internet but
  > > require ntfs login from internet and no login from intranet. Here is
 > what I
  > > did, I assign log on locally rights to my domain users, then I removed
  > > anonymous access to the site. I added read access to the folder that
  > > contains the webpages. Next I setup DNS record on my dns server to
 > point to
  > > files.domain.com and pointed to my IIS server IP address. Now, when I'm
  > > outside and surf it prompts for username/password BUT does the same when
  > > surfing from inside. At first I thought it was a DNS issue but when I
do
  > > nslookup or ping files.domain.com I get the ip of the IIS server. What
 > is
  > > kicking off the login prompt locally? I'm stumped.
  > >
  > > Thanks
  > >
  > > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
  > > news:uobrXCJEFHA.2756@TK2MSFTNGP15.phx.gbl...
   > > > "B-Dog" <bdog4.DeleteThis@hotmail.com> wrote in message
   > > > news:#ExvhBIEFHA.4072@TK2MSFTNGP10.phx.gbl...
   > > >> I'm trying to make my intranet site available through the internet
 > using
   > > >> ntfs permissions. I want my local users to be able to have access to
 > the
   > > >> intranet without having to log in and from the internet would require
   > > >> ntfs
   > > >> login. I've removed anonymous access and change the folder
 > permissions
   > > >> to
   > > >> users on our domain but when they access it, it prompts for username
 > and
   > > >> password. Do I need to add that user group to the log on locally or
 > what
   > > > am
   > > >> I missing?
   > > >
   > > > Basic authentication requires log on locally rights. Is that what
 > you're
   > > > asking?
   > > >
   > > ><!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Intranet/Internet Site Permissions