Since a month or so ago our users began getting prompted to logon twice (basic authentication dialog after forms authentication prompt) when logging into the Remote Web Access on our Small Business Server 2011. They can login and everything works, but it is annoying.
The prompt appears to have started after we installed Windows updates on the SBS server. The server had not been updated for quite some time.
I have checked the authentication options in IIS and when I disable Basic Authentication and do an IISRESET
, the double login prompt disappears. Unfortunately a day later it appears again!
Update:
I discovered that an IISRESET
alone fixes the second authentication prompt. Could it be that something is broken in the transition between forms-based authentication and the subsites?
Update 2: After examination of the IIS logs I discovered that the popups (HTTP 401 statuses) were originating from the RDP service:
2014-10-22 06:56:41 192.168.2.10 GET /Remote/BuiltIns/HomePage/GadgetDnD/GadgetDnDService.svc/js - 443 DOMAIN\USERX 62.12.14.25 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+Trident/5.0) 401 0 0 639 2014-10-22 06:56:41 192.168.2.10 GET /Remote/BuiltIns/RDP/RemoteDesktopWebService.svc/js - 443 DOMAIN\USERX 62.12.14.25 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+Trident/5.0) 401 0 0 686
I also found these errors in the event log:
Source: ASP.NET 4.0.30319.0
Date: 9/17/2013 15:31:28
Event ID: 1309
The symptoms all point to the problems described in this blog post Troubleshooting “An unexpected error occurred” message when using Remote Web Access to connect to computers.
I have updated the Remote Web Access web.config
as described as workaround and I will update in a couple of days if this is a workable solution.