Hi there, I have a single sign on issue using windows xp and internet explorer. Under normal circumstances, my computer is connected to our local area network. My computer is part of our active directory structure and my username also belongs to the active directory. When I start internet explorer and navigate to our intranet, I will be identified and authenticated by this website via a single sign on mechanism. (With my username, I am logged on with). And everything works fine! Now assume, that I am on business trip. I am not connected to the LAN and therefore logged on by my cached profile on my computer. (Same username as before). Then I connect my computer to an external provider by setting up a network connection with an appropriate username and password. Additionally I set up a VPN tunnel to the LAN of my company. Now, when I start the internet explorer and navigate to the intranet-web-page, the single sign on fails and I will be promted with an authentication window. And the strange thing is, that the username which is already placed within the form, isn't the username I am logged on with (my cached profile), but the username of the network connection I need to connect my computer to the external provider. I already did some searches within the filesystem and the registry, but I nowhere found this username... And I also had absolute no idea, how to configure my windows in the way to use my username I am logged on with, instead of this username which belongs to the network connection. I would be more than happy, if somebody could give me a hint... !!!! Thanks in advance, Josch
Single sign on via network connection
8 posts
• Page 1 of 1
- dotnet framework
- MS InfoPath
- VC.NET
- JAVA
- IIS
- Exchange 2000
- unix
- Windows XP
- dreamweaver
- windows update
Jump to:
- 1. Internet Lock locks out Lan on ZoneAlarm Pro 4.0
Hi, When the Internet Lock on ZoneAlarm Pro 4.0 is enabled, it not only locks out the Internet but the LAN connection too. I thought this was a bug in Ver 3 which was corrected in Ver 4.0. Any suggessions? Thanks in Advance. Derek - 2. Blocking IP Addresses in Real Time
I am looking for a way to Block / Allow in coming IP address to a PC. Now this can be done with all the firewall software / hardware. But my problem is that I need to go in and manually configure the rules, reboot the machine etc etc. This is not practical when 1000's of allow / block request has to done in a day. Is there a firewall software or hardware that I can send a SNMP message and set the rules, even better would be a http post or socket call etc. Thanks Jay - 3. CheckPoint FW-1 NG stopped logging
Hi, During the weekend our firewall (Nokia IP440 Checkpoint NG) stopped logging to disk. The last 2 lines the log indicated a full disk was the reason and "All log clients are disconnected". How do I get the firewall to start logging again (i freed up enough space). Please tell me I don't have to restart the firewall. Regards, Raymond Zwarts
Next
Single sign on via network connection
by josch67 » Fri, 14 Jul 2006 01:08:03 GMT
Re: Single sign on via network connection
by Sebastian Gottschalk » Fri, 14 Jul 2006 02:12:07 GMT
Single Sign-On is an issue for itself, as well as MSIE is. The mysteries of NTLM authentication will never be uncovered. Oh wait, there's some documentation telling exactly why it is so... Sadly, no one ever remembers RTFM.
Re: Single sign on via network connection
by josch67 » Fri, 14 Jul 2006 21:36:14 GMT
The reason, why I ventured to asked, is exactly because I didn't find any hint or solution in the documentations I dispose of. (Searching MS Technet articles primarily) And as far as I can judge, I just asked in a friendly manner. So if there are some people who probably think "what kind of stupid things this guy is asking" just do not reply! Save your time for writing and my time for reading things who doesn't help either the writer nor the reader... But I would be still more than happy if someone could give me a hint (also just a hint which documentation probably could help)! Thanks in advance, Josch Sebastian Gottschalk schrieb:
Re: Single sign on via network connection
by Sebastian Gottschalk » Fri, 14 Jul 2006 21:41:01 GMT
The problem is that you're first authenticating locally and then just
tunneling to your network. What you actually need is to login remotely,
f.e. with Remote Desktop.
And you should stop depending on NTLM authentication for webbrowsers.
The implementation in Mozilla/Firefox sucks, Opera doesn't support it at
all, and MSIE is totally {*filter*}ed up about any HTTP authentication scheme.
Re: Single sign on via network connection
by Duane Arnold » Fri, 14 Jul 2006 21:42:07 GMT
Is there something wrong with asking your support people at your job for help? Why are you not asking someone there for help? Duane :)
Re: Single sign on via network connection
by Duane Arnold » Fri, 14 Jul 2006 21:55:13 GMT
The Web server is making you authenticate your credentials. I would assume that it knows the difference between a machine that is physically on the LAN on the Intranet trying to make the connection to the Web server as opposed to you doing it remotely through some VPN connection and you're not really on the trusted LAN domain, with the connection being made over the Internet. In any event, you should be asking your support people at your job as to why it is so. Duane :)
Re: Single sign on via network connection
by Volker Birk » Fri, 14 Jul 2006 23:19:48 GMT
The complete behaviour depends on your network setup. What are you doing exactly? Yours, VB. -- "Alles geht allen, nur meins geht mir." Patricia Bednar er Kommunismus
Re: Single sign on via network connection
by josch67 » Wed, 26 Jul 2006 22:12:35 GMT
Hi all, I just found a microsoft technet article which desribes the problem. (Including an appropriate solution). http://www.**--****.com/ Thanks for all tips anyway! Regards, Josch Volker Birk schrieb:
8 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 52 guest