针对多个域的集成Windows身份验证 [英] Integrated Windows Authentication for Multiple Domains

问题描述

现在，来自域B的用户需要访问该网站。

但是域B用户在访问网站时会收到弹出窗口来输入验证信息

我的问题是： p>

如何配置IIS或Windows Server以允许域B用户访问网站，而不需要弹出窗口进行身份验证，就像域A中的用户一样。 >

解决方案

1. 检查您是否配置了信任

通过尝试将域用户从域B添加到IIS站点所在的文件系统来验证。

1. 验证来自域B的正确用户组是否可以访问您的IIS站点所在的文件系统。 （如果不是从域B使用域用户）。




2. 验证从域B测试的用户是否具有正确的组成员资格。

如果运行Kerberos身份验证。

使用命令
klist ticket

，检查客户端用户是否有Kerberos票证

I have Asp.net website for domain A users with the Integrated Windows Authentication.

Now users from domain B need to access the website.

But Domain B users receive pop-up window to input the authenticated information when they access the website

My question is:

How to configure the IIS or Windows Server to allow Domain B users to access the website without the pop-up windows for authentication, just like the users from Domain A.

解决方案

1. Check that you have a trust configured

Verify this by trying to add domains users from domain B to the file system where your IIS site is located.

1. Verify that the correct user group from domain B has access to file system where your IIS site is located. ( if not using domain users from domain B ).

2. Verify that the user that is testing from domain B has the correct group memberships.

And if running Kerberos authentication.

Check on client where the user is if you have a kerberos ticket by using command "klist tickets"

这篇关于针对多个域的集成Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！