I have created a folder for a site that i would like authentication for. I am able to this with windows authenication. I would like to be able to this without having to create windows accounts. I have tried doing forms authentication but it gives me "This feature has been locked and is read only" when I try to enable it at the folder level. Is there a way I can enable it, and if not what would be the best way to authenticate withough windows accounts?
Related
I have a tfs test server, and using a test account with a PAT issued by my TFS admin account, I wanted to see if it was possible to browse to the TFS web-portal using the PAT to authenticate.
Using:
curl -u Test:57qxqxxfdcvnFAKEthisisfakeFAKE https://tfstest.company.com/tfs/collectionname
I get some reasonably sensible html back that seems to indicate that it accepted the authentication. When I save this html to a file and open it, it displays what I might expect. I don't get the css, or anything but it appears to be the normal page coming back, without anything the browser would normally get when the html is expressed.
I can also use REST API's by specifying the proper URLs for those API's, and so I conclude that the PAT auth is working as expected.
But is it possible for me to open IE and browse to https://tfstest.company.com/tfs/collectionname, by some means, only using the PAT for auth ?
Thanks.
No, you are not able to directly use PAT to browser web portal.
Personal access tokens (PATs) are alternate passwords that you can
use to authenticate into Azure DevOps.
Azure DevOps uses enterprise-grade authentication to help protect and
secure your data. Clients like Visual Studio and Eclipse (with the
Team Explorer Everywhere plug-in) also support Microsoft account and
Azure AD authentication.
For non-Microsoft tools that integrate into Azure DevOps but don't
support Microsoft account or Azure AD authentication, you must use
PATs. Examples include Git, NuGet, or Xcode. To set up PATs for
non-Microsoft tools, use Git credential managers or create them
manually.
When you access TFS server for the first time through web portal, a Windows Identity dialog box appears. You need to fill in your account credentials and password choose the OK button.
I am facing an issue with windows authentication in IIS. I have a website which is intranet site. But the problem is that only the admins of IIS can use it, not the other users in the same intranet. Windows authentication pop up is showing but after entering the username and password it is displaying the same authentication pop up.
I actually found the answer to this, it might help someone who will be stuck like me. The problem was in the security tab we did not add user Account as "Users". We had all the accounts like IIS_USRS,admin, etc but we forgot to add "Users". After adding it allowed everyone to access the site.
The strange thing is when your application doesn't need Windows authentication then IIS_USRS are enough otherwise don't forget to add "Users" or whatever account needed to access.
This can normally happen, by permissions a bad configuration of permissions.
Try doing some of the following options.
1.Verify that the user of the "Applications Pools" where the app is running, has the necessary permissions in the location where the app is located.
2.Verify that you have "Windows Authentication" enabled in your app. (Of course this is only if your app requires Windows Authentication if your app does not require Windows Authentication only activates Anonymous Authetincation and deactivates the others.)
3.Verify your app providers are set in this order for Windows Authentication(NTLM,Negotiate)
We are using Microsoft Reporting Service 2008 R2 to develop reports and we are accessing these reports through an ASP application.
Response.Redirect(http://<serverIp>:80/ReportServer/Pages/ReportViewer.aspx?%2fReport+Project3%2fReport1&rs:Command=Render"n_Id=675);
When I access my report-server through my web service URL, it prompted for a windows login and password when accessed from a different machine (working fine if I provide the Credentials), but it is working fine in the local machine.
What configuration do I need to adopt to get rid of this?
Looks like you need to change the authentication type to Windows authentication (Integrated Security) in the SSRS Config/IIS Manager:
Open IIS Manager.
Right-click the report server virtual directory and click Properties.
Click Directory Security.
In Authentication and access control, click Edit to open the Authentication Methods dialog box.
(Optional) Clear the Integrated Windows authentication check box.
If the report server virtual directory is configured for both Integrated Windows authentication and Basic authentication, the report server will try Windows authentication first. If you want to use only Basic authentication, you must clear the Integrated Windows authentication check box.
Select Basic authentication.
Set the default domain or realm used to authenticate clients to the Web server.
http://msdn.microsoft.com/en-us/library/bb283249.aspx
http://technet.microsoft.com/en-us/library/bb283249(v=sql.90).aspx
I have two questions on wss 3.0
How to know that kind of authentication is currently in use.
How do I set the authentication in such a way that users on office network don't have to input user name\password? So if users are in the office they can just go straight in without using a password? Those outside the office will obviously still have to use the password.
Detail answer would be really great.
For #2, you also need to make sure that Internet Explorer has your site listed as a trusted site or intranet site so that IE will be willing to pass the credentials to the Sharepoint Server
There are two build-in authentication types: windows and forms.
You can configure it in central administration (as far as I remember in "Application Management" section).
Windows authentication will use current user's windows credentials to login on site. So if SharePoint is configured with windows authentication and permissions were granted to user there will be no request to enter login/password. In other case (outside of office for example) site will ask for credentials.
I've imported a bunch of users into my Active Directory with some custom fields. Then I did a profile import from Active Directory to Sharepoint with all the custom fields and regular fields. After this, I needed each user to be in a site collection with a MySite set up for them. I did that by writing some code that ensured the user existed and then checked the profile attribute "personalspace" to see if a MySite had been created. Everything worked great until some of the users needed to login from outside the network.
I'd like to get rid of the windows authentication pop-up that a user would get if they hit from outside the network (or haven't added the site to their trusted zone in IE). I've extended my web application to create an internet zone. Then I edited the web.config of the internet site to do active directory forms authentication, along with editing the Central Administrator's web.config so that it can see the data source. This is all well and good, the user can login through a nice interface. The only problem is that now the user is detached from their user profile. Essentially Sharepoint views a windows authentication user and a forms authenticated user as two separate users.
Is there a way to link the profiles? Do I have to write a custom membership provider to log a user in and then link them up to their windows account? Is there a way to log a user in from the internet web app and then spoof their windows credentials and pass it to the intranet? Do I need to recreate all the user profiles based on the forms authentication data source?
Is this what are you looking for .. http://grounding.co.za/blogs/brett/archive/2008/01/09/setting-up-dual-authentication-on-windows-sharepoint-services-3-0-forms-and-ntlm.aspx ?
See ya
I've been trying to accomplish the same thing, with exactly the same problem - the "forms-authenticated-me" is not the same as the "windows-authenticated-me" to sharepoint, and I can't see how to map the two.
After a lot of frustrating efforts, I think I've finally realized it's not possible. In retrospect, this isn't too surprising.
here's an excerpt from http://msdn.microsoft.com/en-us/library/bb975136.aspx (my emphasis added)...
Deciding to Use Forms Authentication
Some organizations want to use Windows
users and groups in SharePoint
Products and Technologies, but enter
credentials via forms authentication.
Before using forms authentication,
determine why to use forms
authentication in the first place:
What is the business driver? If user
accounts are stored in a location
other than an Active Directory domain
controller, or if Active Directory is
not available in a particular
environment, using forms
authentication with a membership
provider is a good choice. But if you
want to force logon only via forms
authentication, but still use Windows
and all of the integrated features it
provides, you should consider an
alternative such as publishing the
SharePoint site with Microsoft
Internet Security and Acceleration
(ISA) Server 2006. ISA Server 2006
allows users to log on by using a
forms authentication Web form, but
treats them like Windows users after
authentication. This implementation
provides a more consistent and
compelling experience for end users.
You can set up the Forms Authentication to use the Active Directory Forms Authentication provider. You'll get the best of both worlds.
The login prompt will be the Forms Authentication prompt that you want, but the profile and login info will come from Active Directory.
Follow these instructions to configure the provider:
How To: Use Forms Authentication with Active Directory