When in Geneva Server Beta 2 you try to configure and use Windows Integrated Authentication, it may not prompt for credentials and instead you receive an error message:
- When connecting from another computer, you may see the following error message:
- And when you connect from the same server, the more detailed error is displayed:
The error messages indicate that Windows Authentication is disabled, but when you check the IIS configuration it shows as if it were enabled:
So, where is the error?
In IIS 7 the overall configuration file is stored in C:\Windows\System32\inetsrv\config\applicationHost.config. The file contains some configurations that apply to the whole server, some configurations that apply to each site, and some that apply to a specific path. If you scroll down the file until you see the "FederationPassive" location configuration, you’ll see that Windows Authentication is disabled. That is OK except that it is also removing the authentication providers, so no child location can use Windows Authentication without them!
Open applicationHost.config in a text editor. Find the <location> tag related to Windows Integrated Authentication and modify it to look like the following:
Below you’ll find the complete configuration section that you can copy and paste onto your applicationHost.config file.
<location path="Default Web Site/FederationPassive/auth/integrated" >
<anonymousAuthentication enabled="false" />
<add value="Negotiate" />
<add value="NTLM" />
<handlers accessPolicy="Read, Script" />
When you save the file, IIS will automatically reload the configuration, so you don’t need to restart any service.
Hope this helps!
July 18th, 2007
This is a project I was involved in, helping DPE, so I'm proud to announce that it was just released to the public.
This Developer Training Kit is composed of 7 labs:
For more information, please read James' original post: http://blogs.msdn.com/jamescon/archive/2007/07/17/just-released-windows-server-2008-developer-training-kit-beta-3.aspx
The download is available at: http://www.microsoft.com/downloads/details.aspx?FamilyId=B36EE81A-AFF5-4314-95D7-DAD3ACFA8094&displaylang=en