Is this IIS6 server in a domain.
Are you using Custom AppPool Identity.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Ariel" <anonymous.RemoveThis@discussions.microsoft.com> wrote in message
news:197a601c41ca4$cfb3ae10$a401280a@phx.gbl...
Hello,
I'm trying to setup an II6 server to serve up a directory
structure on a Win2K server. I enable the WebDAV Service
Extention, I create a virtual dir in IIS6, I give the VD
r+w+index+directory browsing. I setup the Connect As
dialog to use pass though authentication. Directory
security has anonymous turned off and Integrated Windows
auth turned on. I setup the Share and NTFS perms on the
Win2K directory.
When I attempt to open the web folder in the browser, I
get challenged, after providing my credentials 3 times, I
get turned away with a 401.1 error page.
I did some poking around and found an article that talks
about what I *think* is the problem.
http://www.microsoft.com/technet/prodtechnol/windowsserver2
003/technologies/webapp/iis/remstorg.mspx#XSLTsection124121
120120
(See: Protocol Transition and NTLM in the article)
Is NTLM and Kerberos the problem? I think the 2K server
wants to use NTLM and the 2K3 server wants to use
Kerberos, but the tickets aren't being passed properly.
(I don't know why the 2K server would be using NTLM
though, both servers are in AD and should default to
Kerberos, correct?). There is a setting I can make in AD
on the 2K3 server object that would allow the tranlstion
to take place (at least that's how I understand it)---
"Trust computer for delegation", but this seems to
indicate that there are security concerns--are there?
Am I headed in the right direction? Why am I challenged
to authenticate in the first place if pass-through is
enabled? Is there a way around this?
Thanks for any input!
FAQ
Profile
Private Messages
Log in
