In my site I have one folder that does not allow anonymous access. It is set up to use Integrated Windows Authentication as it is on an AD domain. The login works fine in Firefox, Chrome, even Safari, but not IE8. Has anyone encountered this before? I can't seem to find anyone else with a similar issue, except for where the login fails in all browsers of course.
How do I turn off IE's protected mode in Windows 2008 R2?
I'm building development servers, and it is just getting in the way.
I've developed a couple of internal sites for my organization that use integrated authentication. Ultimately we want these sites to be accessible externally to users with domain-joined computers. The sites work as expected on domain computers while on the internal network. The problem comes when I take my laptop home and try to access those sites.
IIS only has integrated authentication enabled for the two sites. When I browse to the site using IE8 I get a username/password prompt asking for domain credentials. I can put those in and it will work, but the goal is to use the cached token for integrated authentication.
Next I reasoned that IE wouldn't response to an integrated auth request (is NTLM the right term for this?) unless the site was trusted. I tried adding the site to Trusted Sites but I get the same behavior as the before. I then added the site to Local Intranet sites and that is where things get weird. I get a generic error page from IE, no error code or anything.
Just for funsies I loaded up Firefox (which I had previously set up to use integrated authentication) and I added this new site to network.automatic-ntlm-auth.trusted-uris. Much to my surprise I was able to load the pages up with no problem at all and saw exactly what I was expecting (including verification that the integrated authentication worked).
My mind is a bit boggled at the moment as I'm not really sure where to go from here. I was hoping some of you may be able to provide some insight.
Update 05/11/10 I got to messing with Fiddler as recommended below and saw some discrepancies between how Firefox and IE handle the page request. When I tested Internet Explorer it makes one request, hits a 401.2 (server configuration error) and dies. There are no security log entries when this happens. Firefox encounters this same error initially, but subsequently sends another request and authentication is successful.
Keeping in mind the initial testing was all from outside the network, I looked at a successful auth by IE8 when done inside and it appears to behave the same way as Firefox both internally and externally. The initial request is met with 401.2, then another one is sent and is met with 401.1 (the challenge?) followed by a 200 (success).
So the problem seems to be that when accessing the "intranet" site from outside the network, IE8 experiences a 401.2 and then dies when it should (by measure of other browsers) keep going with the authentication process.
Can someone verify the Fiddler activity that I described?
In IE6 there was a registry key hidden away that would allow you to enable autocomplete but only for usernames, not passwords.
This key no longer has any effect in IE8. I can either enable or disable autocomplete for usernames and passwords, but not just one of the two.
What I'm looking for is a way to enable autocomplete for usernames, but disable it for passwords.
Is there a way to do this in IE8?
I am an IT-Admin at an medium sized lawyer firm. I see that Windows Update is trying to push IE8 out to the market.
Does anyone know if there is any disadvantages to upgrade to IE8? Besides, perhaps, more memory usage compared to IE7.
The clients are running IE6 or IE7 currently, and none of the application are directly dependent on internet explorer as such.