I have a webapp in two parts (website and webdav part).
Both are running in a seperate application pool in IIS 7.5 due a different framework.
I want to use single sign on for both parts. For the first part (website) its running fine but for the webdav part single sign on doesn't work with a windows 7 client.
When I try with application users (no single sign on), everything works fine for both parts.
Both application pools are running with the same service account.
I searched on the internet for a solution, but didn't find anything that worked. Does someone know how that I can solve this problem or got a manual to configure this?
Thanks
http://www.codeproject.com/KB/aspnet/SingleSignon.aspx
http://www.codeproject.com/KB/web-security/aspnetsinglesignon.aspx
http://msdn.microsoft.com/en-us/library/ms972971.aspx
Related
We have two servers on a cluster, say server1 and server2. We have these for load sharing and backup if one server is down.
We have many HNSC web Apps each containing a bunch of sites.
One particular HNSC web application is not working on one server (server2) but only works on server1. It was working fine till 2 days ago !
Other HNSC web Apps are working fine on both servers. If SharePoint architecture or software updates were the case, then no other web app or site collection would be working on the faulty server, but others are working fine.
The sites within this particular web App are giving the following error in browser window when they hit server2:
Server error: http://go.microsoft.com/fwlink?LinkID=177673
When they hit server 1, they run fine.
Please help.
Looks like it was a problem with sharepoint software updates on one server. The IT Team had installed updates on one server but not the other.
Reason why only 1 webApp (and Hnsc site collections inside it) were giving error is because they were created after the updates were done on one server.
Solution: IT Team did the updates on the other server as well, and all worked fine.
I inherited a mess of servers which host multiple applications on IIS6, protected by R6 SiteMinder. The environment is soon going to R12, and we have also received some new servers with IIS7.5. (Lots of change, all within the next 60days.)
I am not an expert, and so am having trouble with some of the more detailed steps of configuration. Thus far, on the new server I am able to create and apply SiteMinder to the DefaultWebSite (and everything contained within), and any custom Sites that I create. Unfortunately in our environment, it is already set up with a handful of applications that live underneath DefaultWebSite, only some of which we desire SiteMinder protection.
In IIS6 I was able to simply add a site to SiteMinder authentication by applying the ISAPI6WebAgent.dll in the wildcard mappings. In IIS7.5, this does not seem to work. I follow the specific details in the installation manual and it seems like it is either an all-or-nothing situation: everything under DefaultWebSite is protected, or nothing is.
This will cause a SIGNIFICANT amount of additional work in my environment (and it also means upgrading in place is not possible, so all applications that require SiteMinder authentication will need to be migrated in the next 60 days.) Is there ANY workaround for this? Google has not provided me with any solutions, and my SiteMinder team is claiming "it is no longer possible with IIS7.5" to keep the environment the way it is currently set up.
Any and all help appreciated.
For those that care, if you are running under an Integrated App Pool, you can simply add and remove the SiteMinder modules to control which sites are protected by SiteMinder. This DOES work on apps below a virtual directory - and using the config files you can both inherit protection by default, or have it unprotected and add it later by simply "Configure Native Module" and adding it back.
I swapped my hard disk for an ssd, and am having fun recreating my environment.
Im runnin win7 pro, and my web app is returning false from user.identity.isauthentication (was working fine before I upgraded to the ssd).
I added windows integrated security as a security feature under the windows components (Im running local iis), and enabled it for the web site.
If I disable anonymous, user.identity.isauthenticated returns true with the correct credentials - BUT I am always prompted to enter my credentials.
AHAH - it must be ntfs permissions. But Ive added them for every account I can think of - NETWORK SERVICES, my own account, IUSR, authentication users, and several others that were already there. Makes no difference.
Maybe the app pool Im running under - but Ive tried DefaultAppPool, .NET 4.0, and .NET 4.0 Classic. Again, makes no difference.
Does anyone have any ideas on other things I can try? Im not on a domain or anything like that, this is entirely local. Thanks!
The solution was in the browser, in this case under ie9 Internet Options. After verifying in the Advanced tab that Enable Windows Integrated Authentication was checked, one must go to the Security tab, under Local Intranet/Sites and uncheck "automatically detect intranet network" and check "include all local intranet sites".
What's in your web.config?
<authentication mode="Windows"></authentication>
I'm a front end developer, working on IIS/.NET websites. My local development setup is Windows 7 with IIS 7.5. I'm currently working on a mobile site, and want to be able to check it locally on various mobile devices on the LAN.
After a lot of trial and error, I was able to figure out how to access my dev box over the LAN, but I think my solution is a little convoluted... The department standard is to develop under a new IIS "site" for every website we work on (since we work on many different projects and they often have very different requirements), outside of the \inetpub\wwwroot directory. So basically, I don't use the "Default Web Site", but I noticed that that was the only "site" I could access over the LAN. I ended up adding a Virtual Directory on the Default Web Site, pointing to the web root of the site I want to access over the LAN (e.g., "mysite").
I added firewall exceptions for "Secure World Wide Web Services (HTTPS)", "Web Management Service (HTTP)", and "World Wide Web Services (HTTP)", and voila, I can access the site from any device on the LAN, via http://xxx.xxx.xxx.xxx/mysite.
The only problem is that the SSIs (Server Side Includes) on the site aren't working. I just get a "Error processing SSI file" message where each file should be included.
I was thinking that it must be a problem with either the way I set up the Virtual Directories, or maybe a security setting that blocks SSI content across the network.
Any ideas?
If your html and files aren't in the default Inetpub folder have you added the IUSR_MachineName local account to the NTFS permissions? Otherwise Anonymous authentication won't work.
{Edit}
Sorry I missed the line where you said you changed the firewall permissions and got the sites working. However if the folder the SSI's are in doesn't have the correct NTFS permissions it might mean the Worker Process can't access the includes. (Now I'm guessing)
I have recently installed a website project on Azure and that was relatively easy to do thanks to great docs online. We are having a problem with the back office (admin) login though, it's a bit strange, as it didn't happen straight away, I shall elaborate....
When I go to http://www.keelycattschoolofdance.co.uk/umbraco/ it takes me to the login page, which seems fine.
(The url at this point becomes www.keelycattschoolofdance.co.uk/.../login.aspx)
I then login, which works and it starts to display the admin panels but then bounces back to the login and the URL becomes www.keelycattschoolofdance.co.uk/.../login.aspx
I am running this on Azure using the Accelerator, latest version of Umbraco and using SQL CE 4.0 rather than SQL Server.
has anyone seen this before?
Please let me know if you need more information, I shall respond :-)
Thanks in advance
Nick
It sounds like it may be a Session error. This is a problem for Azure and Umbraco because Azure uses round robin load balancing.
The normal way of setting up an Umbraco site using the accelerator would be to have a separate session DB where the shared session state is stored.
Make sure you are using this accelerator for Umbraco on Azure as it's the latest and best.
http://waacceleratorumbraco.codeplex.com/
We have several large production sites using this and I can confirm they all work fine (including the backend editing environment).
Things to watch out for are that you need to follow the instructions closely as they are easy to get wrong :-)
Make sure you don't have dashes in your db names as this makes things go wrong as well.
Finally if you are using more than one web role the Umbraco preview can sometimes yellow screen, as the preview XML may not be on the server that gets to the preview request. This is again because of the round robin load balancing.