We are facing Login problems while Logging to our site. We (the Developement Team) can log in to the site with only one prompt but many users are getting login prompts several times. After pressing ESC for 5-6 times they can login to site. Is there any AD setting that needs to be changed?
If so not even the Site Admin (Full Permission) can log in without prompts.
I have already added the site in trusted sites in Internet Explorer.
Is this a publishing site? If so, have you ensured that all of your content is published? If anything is still in draft and has never been published then they will receive authentication prompts as ordinary users can't see draft content. Make sure you check CSS files and other assets such as images.
Add your site to the Trusted Sites in Internet Explorer
I suggest you check out this link here and check your settings compared to these. I have set up several MOSS 2007 servers following this guide with no problems at all...except for small mistakes on my part :P
Related
I have created a test SharePoint server to be as close to our production server as possible. Production SharePoint databases were backed up and restored to our test server. The three main web.configs (Central Admin, main site, Security Token Service Application) were modified to include our custom app settings.
The site comes up fine, logging in using both AD and our custom FBA membership provider works as well.
Certain pages are visible in the Site Libraries through View All Site Content and using SharePoint Designer but SharePoint says that the page(s) are not found if you try to view them or check them in. Not all pages are not available. If I delete a bad page and replace it with a copy from our production application, it displays fine.
I've already found and tried possible solutions such as restarting the Search Query and Site Settings Service and checking the Alternate Access Mapping. I also found a possible solution that has you go to Component Services and modify security relative to an OSearch14 property. I was not able to modify this since right clicking on the property did not pop up any menu options. I will continue to look into this.
Any Ideas? I appreciate any help.
Thanks.
I have a requirement to always prompting of log in information for users in SharePoint site rather than taking their logged in credentials.
Any idea??
Depending on the setup you have.
You could just remove the SharePoint site from the trusted sites or local intranet under IE's security tab using a group policy.
This will cause a prompt every time they go to the site.
you need to reverse the steps found here
Regards,
Vince
Our environment is Sharepoint 2010, with a web application created (and site collection on top), using claims based authentication. The first site is using port 881. It is using integrated windows authentication. Another web application is created, extending the first application, using port 882. This site is using Forms Based Authentication, the membership provider is System.Web.Security.ActiveDirectoryMembershipProvider, named admembers. I have turned off Client Integration on both sites.
When I login to the 881 site, on my corporate network, logged into the machine with the same domain account that sharepoint uses, I can open an Office file saved in a document library, and it subsequently opens in the appropriate Office application, without asking me login again. But, If I login to Sharepoint from a computer that is not on our network, or login to the computer with an account that is not a domain account, I get prompted again to login when openning an Office document. If I choose the option to save, it does not prompt, but if I choose open in the dialog window, I am forced to enter my domain credentials again.
When I login to the 882 site, which uses FBA, I experience the same problem. If I open an Office document, the appropriate Office application opens, and asks me for my credentials, by showing me a dialog window with the sign in page loaded. If I choose to save the file, then I am not prompted to login, and the file saves to a local folder.
I can't expect my users that are off site to login again everytime they open an Office document, like Work, Excel, Powerpoint, etc. I have tried numerous fixes, including disabling client integration, changing the browser handling mode (strict/permissive), changing internet explorer settings (for integrated windows authentication), changing the integrated windows authentication site to use basic authentication, even hacking the page using jquery to call the sharepoint javascript function that execute the "download a copy" function. None of them work: when choosing to "open" the Office document in the browser, the user has to login again, or just close the dialog window without logging in (as long as client integration for the zone is turned off).
I'm looking to get this accomplished using windows authentication or forms based authentication.
Help!
I found this answer in a similar post which seemed to fix the problem for me when I tested it. The gist of it is you need to deny the HTTP Verbs OPTIONS and PROPFIND in IIS. Having said this, I'm not an IIS guru and am not exactly sure what this means or what else it might affect. Can anyone else shed some light on this?
A bit of background, I'm using SharePoint 2010, on an FBA site.
You have the standard three use cases:
Employee intranet access
Employee remote access
Partner remote access
Employee intranet access
This normally always works out of the box, and it looks like it is working for you.
Employee remote access
The only way that i have seen this work (and i have tried many ways) is to get TMG or ISA. Basically ISA is setup in FORMS auth with SSL, it captures the auth details, and then passes them to the sharepoint server. (and other servers if you have them eg OWA for sharepoint mail web parts)
If you select the "Is private computer" option on the ISA login screen, then Office documents share the auth cookie and don't prompt for another login. I had so many problems, but as soon as i installed TMG, they all went away. I would not recommend any other approach now.
The added bonus of this method, is that remote employees are treated as the same account as the intranet user. The way you are setup with a seperate web application, means that they will be different accounts, so things like [checkout/modifiedby/createdby/personalisation] will be different accounts (though they look the same)
Partner remote access
This may never ever work on some clients (especially Vista), as IE needs to share the authentication with Office
If this is sharepoint 2010, try this.
Get-SPSecurityTokenServiceConfig
Look at your UseSessionCookies value in the output. If True, apply the powershell below.
$sts = Get-SPSecurityTokenServiceConfig
$sts.UseSessionCookies = $false
$sts.Update()
If UseSessionCookies is true, you will have to login to any docs u want to download...
I have enabled anonymous users on the farm and on the entire site.
I also have Windows Authentication turned on.
Whenever an anonymous user attempts to view the site, they are prompted to log in.
And they get prompted to login on every single page they view.
I would like to allow users to log in via Windows Authentication, (perhaps through a special page), but anonymous users should not get prompted to put in their password ever.
Does that mean I need to switch to forms based authentication for the entire site, or is there an option in 2010 to somehow get Windows Authentication and allowing anonymous users to live harmoniously.
It could be because some of the file is not published. For ex, if master page, CSS stylesheet or any image is unpublished, it will prompt the user for login.
Make sure everything is published and it will work.
You need to see if it is anything on this path http://server/_catalogs/masterpage/Forms/AllItems.aspx
that it is not published.
You must publish everything
May be you missed some of the configuration steps .So i wish if you take a look to the following article
SP2010 Branding Tip #9 – Turn on Anonymous Access
Regards
I assume that you are using the Publishing Site Template for the public site and hence the default.aspx (the welcome page of all the subsites) is not published so you would need to start the approval workflow publish the pages and any other assets (master page, css, images etc)
You need to do some prepwork to set the site up using two web applications, both with different authentication methods. You can't run SharePoint effectively for Windows users and anonymous (or Forms based authentication) at the same time.
Essentialy:
Create your SharePoint site for internal users using Windows Authentication
Extend the site to a new site (using the same content database) but using anonymous or forms based authentication (whichever makes sense for you)
A MSDN article can be found here on this:
http://msdn.microsoft.com/en-us/library/ff648385.aspx
You can also read Andrew Connell's blog about this (he talks about Forms based authentication but you can do the same with anonymous access)
http://www.andrewconnell.com/blog/articles/HowToConfigPublishingSiteWithDualAuthProvidersAndAnonAccess.aspx
Basically you want dual authentication, Windows for one set of users and anonymous or FBA for another (and each access the site using a different URL)
Hope that helps.
After I log into my sharepoint website, I have to login everytime I access a document from the library. Is there a way to fix this?
Thanks
User Level:
If your SharePoint site always prompts for username/password on accessing it you can set your browser to not prompt
In Internet Explorer, go to Tools
Click Internet Options
add your site URL to Internet Explorers "Local Intranet Sites" section.
Open Security tab
Click Custom Level button
Scroll down to this screen and select "Automatic logon with current username and password" radio button
Click OK.
Administrator Level:
you can add your site's internal zone URL in Alternate Access Mappings section on Central Administration>Operations site, The SharePoint server always does not prompt for username/password and you can enjoy.
When using Windows Vista or Windows 7 the office tools (e.g. Word) do not look at the Local Intranet list of Internet Explorer. But they look at the following registry location:
HKEY__LOCAL__MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters\AuthForwardServerList
If your sharepoint site is located at share.myserver.com you can set the above registry entry to *.myserver.com (including the *) so that all addresses ending with myserver.com are trusted by the office applications. This will prevent the login popup box from appearing.
For more info see this microsoft article. It solved the problem for me.
Add the SharePoint site to your trusted sites or local intranet in Internet Options.
This is to do with the way Word does the request for a file It sends an anonymous request first. What solves this is setting the session cookie to be valid for a year.
Are you using AD for the Authentication ?
Are you browsing the site from same network where it is hosted or on a Different N/W ?
If in the Same new work "Add the SharePoint site to your trusted sites or local intranet in Internet Options" and in the Trusted Sites Security Custom Level , User Authentication Section select the Option Automatically Login with the Current User Name and Password.
If you are browsing from Different n/w its bit tough to get it .
I experience this every day. My local machine is on a different domain to the SharePoint server so I have to log in every time I access SharePoint with a different application. This includes IE, Word, InfoPath, etc...
There is no way I've found to avoid it as it's simply part of using Windows authentication. Saving your password can help but still shows a dialog.
There are quite a few things that could cause this and you don't give much detail on your setup in the Q to give you an answer but...
The most comprehensive article I've found for troubleshooting this is
Unwanted Authentication Prompts
This issue is familiar to me and I've previously used the upvoted solution to the problem. However, recently I discovered that using Google Chrome rather than Internet Explorer makes this problem go away!
Solution: Use Chrome.
Switching to Basic Authentication will resolve this issue at a cost of passing credentials in clear text.