windows - using both basic and Integrated authentication -
We want to use an integrated Windows authentication, if a user accesses our SharePoint site from within our organization, And the basic authentication (using SSL)) When someone tries to authenticate outside our organization, it seems that IE will try Windows ath no matter what and ignore basic Auth from outside our organization . This is undesirable because the user is required to enter DOMAIN in the login box (the user is notorious for calling our helpdesk). Basic Ath allows us to specify the default domain. Windows Athlete does not do this. So the desire to use Basic Ath for the outside, Windows ath for the inside.
The solution to enable Windows Ath inside the network and what is Basic Aast outside our network? Do I need to set up two separate sites inside the IIS (one for Windows, second for the original)? Will it require 2 different host names?
Is there any solution that I am not thinking about here?
Thanks all.
assumption: you want to authenticate all users, both internal and external, against the same active directory domain. Are there.
If the main goal for external users is to be able to login without typing the domain name, you can use ISA Server.
You can connect internal users directly to your SharePoint server by directing your internal DNS direct to your SharePoint server. Thus, auth for windows will work for them.
External users can then point to your ISA server (via DNS), and ISA can be configured to show a login page for SharePoint where no domain name is required. is. (This is a web form that they are filling, but authentication is against Active Directory).
Getting ISA to work this way is a bit difficult, because you have to get AAM settings in SharePoint right. And if you are doing SSL or SQL reporting services, then it is even more difficult. The main problem is that a false error message is telling you what is wrong. But this is possible. :)
We have set this up, and it works great, but there is definitely a pain to do the right thing.
Tim
Comments
Post a Comment