Otdfbt

Inverse-quotes-quine

Unusual mail headers, evidence of an attempted attack. Have I been pwned?

Should I hide continue button until tasks are completed?

When is it ok to add filler to a story?

Does anycast addressing add additional latency in any way?

What are the penalties for overstaying in USA?

How to get cool night-vision without lame drawbacks?

STM Microcontroller burns every time

Why do some games show lights shine through walls?

Do French speakers not use the subjunctive informally?

What do you call a weak person's act of taking on bigger opponents?

Dimensions of list used in test

No IMPLICIT_CONVERSION warning in this query plan

MH370 blackbox - is it still possible to retrieve data from it?

When is the original BFGS algorithm still better than the Limited-Memory version?

Does ultrasonic bath cleaning damage laboratory volumetric glassware calibration?

Why is C++ initial allocation so much larger than C's?

Why do some professors with PhDs leave their professorships to teach high school?

Intuitively, why does putting capacitors in series decrease the equivalent capacitance?

How come I was asked by a CBP officer why I was in the US?

Is there a maximum distance from a planet that a moon can orbit?

Change CPU MHz from Registry

What is the fibered coproduct of abelian groups?

Peace Arch without exiting USA

IIS Windows authentication works when I authenticate with user, but doesn't when I authenticate with domain1user

Weird IIS with Windows Authentication + IE problemWindows Authentication with IIS 6.0 not working anymoreIIS Won't authenticate domain user: 401.2IIS 7.0 Web Deploy authentication fails after changing Windows password… help?Does integrated authentication in IIS pass the username and password in plain text when outside an Intranet?Troubleshooting Windows Authentication problems (no challenge) in IIS 7.5?Slow Performance With IIS Basic AuthenticationIIS 8.5 Windows Authentication failing for some usersUsing Basic Authentication with IIS Manager AuthenticationIs there a way to configure IIS to require manual windows authentication even if user browser is configured for automatic logon?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

0

I spun up an IIS server on my domain and verified I could go to http://mycomputername and it displays the default IIS page.

I then enabled Windows Authentication and disabled anonymous authentication and the web.config file now looks like this:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
 <security>
 <authentication>
 <anonymousAuthentication enabled="false" />
 <windowsAuthentication enabled="true" />
 </authentication>
 </security>
 </system.webServer>
</configuration>

Now when I go to http://mycomputername I get prompted for a username and password (this is expected).

I type in "domain1username" and the password and I get a 401 Unauthorized.

I type in just "username" and the password and I get a 200 OK.

I also have a trust from "domain1" to "domain2" and "domain2" users can access this site just fine when they authenticate with "domain2user2" as the username.

Any ideas on why the authentication works when I don't include the domain for users in "domain1"?

Thanks~!

IIS 6.2 on Windows2012R2
Windows Authentication is enabled and has 2 providers enabled

iis windows-server-2012-r2 iis-8.5

share|improve this question

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Update: it is a 401.2 (win32 status is 5)
  
  – Colorado Techie
  Jun 7 at 22:21
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Update2: when I look at the IIS logs for the successful request, the username is "domain1username" even though I typed "username" into the authentication popup.
  
  – Colorado Techie
  Jun 7 at 22:40
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  What's the web browser? It usually has nothing to do with IIS, but the browser.
  
  – Lex Li
  Jun 8 at 2:28
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I've tried Chrome, Firefox, and even powershell. Same 401.2 Unauthorized every time.
  
  – Colorado Techie
  Jun 10 at 20:09
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Maybe you didn't realize that a 401.2/200 pair (success) or 401.2/401.1 pair (failure) in IIS log files is what Windows authentication requires. To track down what the browser sends to Windows/IIS, please learn and use a tool like Telerik Fiddler (which is capable of decoding the user credentials sent in HTTP requests). It is too dry to discuss such without you knowing the basics.
  
  – Lex Li
  Jun 10 at 20:12
  

  
  
  
  

add a comment | 

0

I spun up an IIS server on my domain and verified I could go to http://mycomputername and it displays the default IIS page.

I then enabled Windows Authentication and disabled anonymous authentication and the web.config file now looks like this:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
 <security>
 <authentication>
 <anonymousAuthentication enabled="false" />
 <windowsAuthentication enabled="true" />
 </authentication>
 </security>
 </system.webServer>
</configuration>

Now when I go to http://mycomputername I get prompted for a username and password (this is expected).

I type in "domain1username" and the password and I get a 401 Unauthorized.

I type in just "username" and the password and I get a 200 OK.

I also have a trust from "domain1" to "domain2" and "domain2" users can access this site just fine when they authenticate with "domain2user2" as the username.

Any ideas on why the authentication works when I don't include the domain for users in "domain1"?

Thanks~!

IIS 6.2 on Windows2012R2
Windows Authentication is enabled and has 2 providers enabled

iis windows-server-2012-r2 iis-8.5

share|improve this question

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Update: it is a 401.2 (win32 status is 5)
  
  – Colorado Techie
  Jun 7 at 22:21
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Update2: when I look at the IIS logs for the successful request, the username is "domain1username" even though I typed "username" into the authentication popup.
  
  – Colorado Techie
  Jun 7 at 22:40
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  What's the web browser? It usually has nothing to do with IIS, but the browser.
  
  – Lex Li
  Jun 8 at 2:28
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I've tried Chrome, Firefox, and even powershell. Same 401.2 Unauthorized every time.
  
  – Colorado Techie
  Jun 10 at 20:09
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Maybe you didn't realize that a 401.2/200 pair (success) or 401.2/401.1 pair (failure) in IIS log files is what Windows authentication requires. To track down what the browser sends to Windows/IIS, please learn and use a tool like Telerik Fiddler (which is capable of decoding the user credentials sent in HTTP requests). It is too dry to discuss such without you knowing the basics.
  
  – Lex Li
  Jun 10 at 20:12
  

  
  
  
  

add a comment | 

I spun up an IIS server on my domain and verified I could go to http://mycomputername and it displays the default IIS page.

I then enabled Windows Authentication and disabled anonymous authentication and the web.config file now looks like this:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
 <security>
 <authentication>
 <anonymousAuthentication enabled="false" />
 <windowsAuthentication enabled="true" />
 </authentication>
 </security>
 </system.webServer>
</configuration>

Now when I go to http://mycomputername I get prompted for a username and password (this is expected).

I type in "domain1username" and the password and I get a 401 Unauthorized.

I type in just "username" and the password and I get a 200 OK.

I also have a trust from "domain1" to "domain2" and "domain2" users can access this site just fine when they authenticate with "domain2user2" as the username.

Any ideas on why the authentication works when I don't include the domain for users in "domain1"?

Thanks~!

IIS 6.2 on Windows2012R2
Windows Authentication is enabled and has 2 providers enabled

iis windows-server-2012-r2 iis-8.5

share|improve this question

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
 <security>
 <authentication>
 <anonymousAuthentication enabled="false" />
 <windowsAuthentication enabled="true" />
 </authentication>
 </security>
 </system.webServer>
</configuration>

share|improve this question

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

share|improve this question

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges

asked Jun 7 at 22:12

Colorado TechieColorado Techie

10133 bronze badges