Internet Explorer提示输入AD用户的用户名和密码。 [英] Internet Explorer prompting for username and password for AD Users.
问题描述
我有一个asp .net应用程序。它已安装在我们客户端的许多服务器域下,并且单点登录成功。
我的列表中添加了一个新客户端,我遇到了Active Directory SSO问题。我已在IIS中检查了身份验证部分的设置。它仅适用于Windows身份验证。
当作为localhost运行时,应用程序在服务器上工作,并将用户带入应用程序而不提示用户输入用户名和密码。但如果同一用户登录到同一网络中连接到同一域的其他某台PC,则会提示他输入用户名和密码。
客户端对安全部分非常严格,以至于他还没准备好向我们展示Internet Explorer的安全选项卡,以检查是否使用当前用户名自动登录和密码是否启用。他们在整个组织中制定了全球团体政策。
根据他们的说法,他们有许多其他基于网络的应用程序,使用单点登录具有相同的政策。
我的问题是。是否可以绕过凭据提示而不在Internet Explorer安全设置中启用自动登录当前用户名和密码?
客户端尚未准备好显示或改变其政策,除非我能向他们展示某种服务器日志或一些可以证明我的一面的证据。
请帮我解决这个问题。
不,如果他们已禁用自动登录或禁用本地Intranet区域,则无法绕过凭据提示。
如果他们不准备与您合作解决问题,那么他们要么必须忍受凭据提示,要么自己解决问题。 :)
Hi,
I have an asp .net application. It has been installed at many of our client's server under a domain and is working successfully with single sign on.
A new client is added to our list where i got stuck with the Active Directory SSO issue. I have checked the settings in IIS for the authentication part. It is set for Windows Authentication only.
The application is working on the server when run as localhost and takes the user inside the application without prompting the user for username and password. but if the same user logs in on some other pc in same network which is connected to the same domain he is prompted for username and password.
The client is so strict on security part that he is not ready to even show us the security tab of internet explorer to check if the "Automatically logon with current user name and password" is enabled or not. They have a global group policy across their organisation.
According to them, they have many other web based applications which work with single sign on having the same policy.
My question is. Is it possible to bypass the credential prompt without having "Automatically logon with current user name and password" enabled in internet explorer security settings?
The client is not ready to show or change its policy unless i can show them some kind of server log or some evidence which can proove my side.
Please help me to come out of this.
No, you can't bypass the credential prompt if they've disabled automatic logon, or disabled the Local Intranet zone.
If they're not prepared to work with you to resolve the issue, then they'll either have to live with the credential prompt, or solve the issue themselves. :)
这篇关于Internet Explorer提示输入AD用户的用户名和密码。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
