I have an intranet site using Windows Authentication. When users are prompted for credentials, they enter:
User: domain\username
Pass: SomePassword
It'd be nice if they could leave off the domain\ part which would be filled in with a default domain. I'm willing to give up the ability to login with a server/machine account (non-domain) because we don't use that anyway.
This seems to be possible with BasicAuth but I can't seem to find a reference for how to do it with WindowsAuth.
"Windows Authentication" means the browser send the credentials of the currently logged on user to the web server; then, if this authentication fails because the user doesn't have enough rights to access the site, he gets prompted for a logon.
The credentials sent automatically by Windows Authentication are always those of the currently logged on user, including the domain he belongs to; so you can't specify anything here, as it just wouldn't make any sense to do so.
You cannot, there is no way for IIS to set the default domain when using integrated authentication. A popular trick to appease users is to have them login with
[email protected](their UPN in Active Directory terms) instead - this typically matches their e-mail address, and is much more palatable to end users.