针对多个域的集成Windows身份验证 [英] Integrated Windows Authentication for Multiple Domains
问题描述
现在,来自域B的用户需要访问该网站。
但是域B用户在访问网站时会收到弹出窗口来输入验证信息
我的问题是: p>
如何配置IIS或Windows Server以允许域B用户访问网站,而不需要弹出窗口进行身份验证,就像域A中的用户一样。 >
- 检查您是否配置了信任
通过尝试将域用户从域B添加到IIS站点所在的文件系统来验证。
-
验证来自域B的正确用户组是否可以访问您的IIS站点所在的文件系统。 (如果不是从域B使用域用户)。
-
验证从域B测试的用户是否具有正确的组成员资格。
如果运行Kerberos身份验证。
使用命令
klist ticket
,检查客户端用户是否有Kerberos票证
I have Asp.net website for domain A users with the Integrated Windows Authentication.
Now users from domain B need to access the website.
But Domain B users receive pop-up window to input the authenticated information when they access the website
My question is:
How to configure the IIS or Windows Server to allow Domain B users to access the website without the pop-up windows for authentication, just like the users from Domain A.
- Check that you have a trust configured
Verify this by trying to add domains users from domain B to the file system where your IIS site is located.
Verify that the correct user group from domain B has access to file system where your IIS site is located. ( if not using domain users from domain B ).
Verify that the user that is testing from domain B has the correct group memberships.
And if running Kerberos authentication.
Check on client where the user is if you have a kerberos ticket by using command "klist tickets"
这篇关于针对多个域的集成Windows身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!